CVE-2025-12695

medium

Description

The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class.

References

https://research.jfrog.com/vulnerabilities/dspy-sandbox-escape-arbitrary-file-read-jfsa-2025-001495652/

Details

Source: Mitre, NVD

Published: 2025-11-04

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00031