CVE-2026-35002
CRITICAL · 9.8
Single internal PR; no advisory, no PoC, no KEV; plausible but unverified.
What: Eval injection vulnerability in the agno library (versions <2.x), affecting AI agent applications. CVSS and EPSS data unavailable.
Why it matters: NVD metadata not yet enriched; no KEV listing, no published CVE details, no PoC confirmation, and no vendor advisory visible. The signal is a single developer's internal pull request upgrading agno to patch the flaw—credible but isolated. Without independent confirmation or public advisory, exploitation status remains unclear.
Where it's seen: Chatter limited to one GitHub/social account posting about an internal dependency upgrade. No journalist coverage, no researcher PoCs, no defender triage activity observed.
RISK: MODERATE — Internal patch suggests real vulnerability; eval injection class is serious; but no public confirmation yet.
AttackerKB
Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field_type parameter passed to eval(). Attackers can influence the field_type value in a FunctionCall to achieve remote code execution.
Articles & coverage 15 articles
- CVE-2026-35002 Security Vulnerability & Exploit Details
The exploitability of CVE-2026-35002 depends on two key factors: attack complexity (the level of effort required to execute an exploit) and privileges required
- CVE-2026-35002: Agno Arbitrary Code Execution Vulnerability
CVE-2026-35002 is a remote code execution flaw in Agno versions prior to 2.3.24 that allows attackers to execute arbitrary Python code via the field_type parameter. CVE-2026-35002 is a critical arbitrary code execution vulnerability in Agno versions prior to 2.3.24. The vulnerability exists in the model execution component where attac
- CVE-2026-35002 Detail - NVD
24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by
- CVE-2026-35002 Python — Exploit & Vulnerability Details ...
Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary
- Vulnerability Details : CVE-2026-35002
CVE-2026-35002 : Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that
NVD details: 1 CWE · 1 vendor · 3 refs
Description
Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field_type parameter passed to eval(). Attackers can influence the field_type value in a FunctionCall to achieve remote code execution.
Top posts driving the trend
@ChronCodeX · 5/3/2026
💡 Developer Intent: The developer's intent behind this change was to upgrade the AI travel planner agent team's `agno` library dependency from version 1.x to 2.x. This action was taken to address a critical eval injection vulnerability, identified as CVE-2026-35002. The upgrade
♥ 0 · ↻ 0 · 💬 1
@ChronCodeX · 5/3/2026
📌 Narrative Summary: A recent pull request updated the `agno` library dependency for the AI travel planner agent team from version 1.x to 2.x. This upgrade primarily addresses a critical eval injection vulnerability, CVE-2026-35002. The change involved updating the `agno`
♥ 0 · ↻ 0 · 💬 1
@ChronCodeX · 5/3/2026
🐛 Upgrade travel planner agent team to agno 2.x (CVE-2026-35002) 📊 7 files • +6/-24 lines 🔗 https://t.co/0v2mmqmQM8 #CodeChron #bugfix #Shubhamsaboo #awesomellmapps #python https://t.co/RohySu2P7L
♥ 0 · ↻ 0 · 💬 1