
4 vulnerabilities by mesop-dev

CVE-2026-34824 (GCVE-0-2026-34824)

Vulnerability from cvelistv5 – Published: 2026-04-03 22:41 – Updated: 2026-04-06 15:42
Title
Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service
Summary
Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession of WebSocket messages, forcing the server to spawn an unbounded number of operating system threads. This leads to thread exhaustion and Out of Memory (OOM) errors, causing a complete Denial of Service (DoS) for any application built on the framework. This issue has been patched in version 1.2.5.
CWE
  • Not shown in the rendered record. Note: the CNA JSON below tags this issue as CWE-125 (Out-of-bounds Read), which does not match the described behaviour — an unauthenticated client driving the server to spawn an unbounded number of OS threads is an uncontrolled resource consumption / missing throttling condition (CWE-400 or CWE-770 would fit), not a memory-safety read. Treat the CWE tag as unreliable for classification and rely on the description and the availability-only CVSS vector (C:N, I:N, A:H).
Assigner
Impacted products
Vendor Product Version
mesop-dev mesop Affected: >= 1.2.3, < 1.2.5 (note: 1.2.3 and 1.2.4 — the releases that fix CVE-2026-33057 and CVE-2026-33054 below — are affected by this issue; upgrade straight to 1.2.5 or later to address all three)

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-34824",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-06T15:36:21.198461Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-06T15:42:06.793Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mesop",
          "vendor": "mesop-dev",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.2.3, \u003c 1.2.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession of WebSocket messages, forcing the server to spawn an unbounded number of operating system threads. This leads to thread exhaustion and Out of Memory (OOM) errors, causing a complete Denial of Service (DoS) for any application built on the framework. This issue has been patched in version 1.2.5."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-03T22:41:34.828Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679"
        },
        {
          "name": "https://github.com/mesop-dev/mesop/commit/760a2079b5c609038c826d24dfbcf9b0be98d987",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mesop-dev/mesop/commit/760a2079b5c609038c826d24dfbcf9b0be98d987"
        },
        {
          "name": "https://github.com/mesop-dev/mesop/releases/tag/v1.2.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mesop-dev/mesop/releases/tag/v1.2.5"
        }
      ],
      "source": {
        "advisory": "GHSA-3jr7-6hqp-x679",
        "discovery": "UNKNOWN"
      },
      "title": "Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-34824",
    "datePublished": "2026-04-03T22:41:34.828Z",
    "dateReserved": "2026-03-30T20:52:53.283Z",
    "dateUpdated": "2026-04-06T15:42:06.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33057 (GCVE-0-2026-33057)

Vulnerability from cvelistv5 – Published: 2026-03-20 07:16 – Updated: 2026-03-25 13:52
Title
Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Summary
Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, a web endpoint in the ai/ testing infrastructure accepts untrusted Python source and executes it without any authentication, giving unrestricted remote code execution: any client that can reach this server over HTTP can run commands on the host. The ai/ package includes a lightweight debugging Flask server in ai/sandbox/wsgi_app.py. Its /exec-py route takes a base64-encoded code string in the code parameter of a POST request, writes it to a file on disk, and executes it via execute_module(module_path, ...). Exploitation requires network reach to this debugging server but no credentials. This issue has been fixed in version 1.2.3.
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
Impacted products
Vendor Product Version
mesop-dev mesop Affected: < 1.2.3

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33057",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-25T13:51:08.862480Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-25T13:52:27.880Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mesop",
          "vendor": "mesop-dev",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.2.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard Unrestricted Remote Code Execution. Any individual capable of routing HTTP logic to this server block will gain explicit host-machine command rights. The AI codebase package includes a lightweight debugging Flask server inside ai/sandbox/wsgi_app.py. The /exec-py route accepts base_64 encoded raw string payloads inside the code parameter natively evaluated by a basic POST web request. It saves it rapidly to the operating system logic path and injects it recursively using execute_module(module_path...). This issue has been fixed in version 1.2.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-20T07:16:59.603Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-gjgx-rvqr-6w6v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-gjgx-rvqr-6w6v"
        },
        {
          "name": "https://github.com/mesop-dev/mesop/commit/825f55970c20686de3f28e2c66df4d74e9d4db47",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mesop-dev/mesop/commit/825f55970c20686de3f28e2c66df4d74e9d4db47"
        }
      ],
      "source": {
        "advisory": "GHSA-gjgx-rvqr-6w6v",
        "discovery": "UNKNOWN"
      },
      "title": "Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33057",
    "datePublished": "2026-03-20T07:16:59.603Z",
    "dateReserved": "2026-03-17T18:10:50.213Z",
    "dateUpdated": "2026-03-25T13:52:27.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33054 (GCVE-0-2026-33054)

Vulnerability from cvelistv5 – Published: 2026-03-20 06:57 – Updated: 2026-03-20 13:50
Title
Mesop: Path Traversal utilizing `FileStateSessionBackend` leads to Application Denial of Service and File Write/Deletion
Summary
Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a path traversal vulnerability: the state_token that the client supplies in the UI stream payload is used to locate files on disk under the standard file-based state backend without being validated, so an attacker can point it at arbitrary files. The consequences are application denial of service (the server crash-loops when it tries to parse a non-msgpack file as state) and arbitrary file write or deletion outside the application's intended storage. Deployments that use FileStateSessionBackend are the ones exposed, and no authentication is required. This issue has been fixed in version 1.2.3.
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
Impacted products
Vendor Product Version
mesop-dev mesop Affected: < 1.2.3

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33054",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-20T13:50:11.848501Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-20T13:50:27.328Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-8qvf-mr4w-9x2c"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mesop",
          "vendor": "mesop-dev",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.2.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted state_token through the UI stream payload to arbitrarily target files on the disk under the standard file-based runtime backend. This can result in application denial of service (via crash loops when reading non-msgpack target files as configurations), or arbitrary file manipulation. This vulnerability heavily exposes systems hosted utilizing FileStateSessionBackend. Unauthorized malicious actors could interact with arbitrary payloads overwriting or explicitly removing underlying service resources natively outside the application bounds. This issue has been fixed in version 1.2.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-20T06:57:35.948Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-8qvf-mr4w-9x2c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-8qvf-mr4w-9x2c"
        },
        {
          "name": "https://github.com/mesop-dev/mesop/commit/c6b382f363b73ac32c402a2db3aadc7784f66a5b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mesop-dev/mesop/commit/c6b382f363b73ac32c402a2db3aadc7784f66a5b"
        },
        {
          "name": "https://github.com/mesop-dev/mesop/releases/tag/v1.2.3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mesop-dev/mesop/releases/tag/v1.2.3"
        }
      ],
      "source": {
        "advisory": "GHSA-8qvf-mr4w-9x2c",
        "discovery": "UNKNOWN"
      },
      "title": "Mesop: Path Traversal utilizing `FileStateSessionBackend` leads to Application Denial of Service and File Write/Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33054",
    "datePublished": "2026-03-20T06:57:35.948Z",
    "dateReserved": "2026-03-17T18:10:50.212Z",
    "dateUpdated": "2026-03-20T13:50:27.328Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-30358 (GCVE-0-2025-30358)

Vulnerability from cvelistv5 – Published: 2025-03-27 14:49 – Updated: 2025-03-27 15:04
Title
Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
Summary
Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules at runtime. This can directly cause a denial of service (DoS) against the server. Depending on how the application uses Mesop, it can also have more severe consequences, such as identity confusion: an attacker could impersonate the assistant or system role within a conversation, which may enable jailbreak attacks against a large language model (LLM) the application talks to. Like prototype pollution in JavaScript, this vulnerability lets an attacker manipulate the application's intended data flow or control flow at runtime, and can escalate to remote code execution when suitable gadgets are available. Users should upgrade to version 0.14.1 to obtain a fix.
CWE
  • CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
Assigner
Impacted products
Vendor Product Version
mesop-dev mesop Affected: < 0.14.1

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-30358",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-27T15:03:56.762380Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-27T15:04:59.072Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mesop",
          "vendor": "mesop-dev",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.14.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to a denial of service (DoS) attack against the server. Additionally, it could also result in other severe consequences given the application\u0027s implementation, such as identity confusion, where an attacker could impersonate an assistant or system role within conversations. This impersonation could potentially enable jailbreak attacks when interacting with large language models (LLMs). Just like the Javascript\u0027s prototype pollution, this vulnerability could leave a way for attackers to manipulate the intended data-flow or control-flow of the application at runtime and lead to severe consequences like remote code execution when gadgets are available. Users should upgrade to version 0.14.1 to obtain a fix for the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-915",
              "description": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-27T14:49:11.592Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-f3mf-hm6v-jfhh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/mesop-dev/mesop/security/advisories/GHSA-f3mf-hm6v-jfhh"
        },
        {
          "name": "https://github.com/mesop-dev/mesop/commit/748e20d4a363d89b841d62213f5b0c6b4bed788f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mesop-dev/mesop/commit/748e20d4a363d89b841d62213f5b0c6b4bed788f"
        }
      ],
      "source": {
        "advisory": "GHSA-f3mf-hm6v-jfhh",
        "discovery": "UNKNOWN"
      },
      "title": "Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-30358",
    "datePublished": "2025-03-27T14:49:11.592Z",
    "dateReserved": "2025-03-21T14:12:06.270Z",
    "dateUpdated": "2025-03-27T15:04:59.072Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}