Nixpkgs security tracker

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-35002

updated 1 month, 2 weeks ago by @pyrox0 Activity log

Created suggestion 1 month, 3 weeks ago
@pyrox0 ignored
2 packages
- agnos
- iagno
1 month, 2 weeks ago
@pyrox0 dismissed (not in Nixpkgs) 1 month, 2 weeks ago

Agno < 2.3.24 field_type Eval Injection Arbitrary Code Execution

Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field_type parameter passed to eval(). Attackers can influence the field_type value in a FunctionCall to achieve remote code execution.

References

https://github.com/agno-agi/agno/releases/tag/v2.3.24 release-notes
https://github.com/agno-agi/agno/commit/cbf675521d4d2281925a051784a3b94172e56416 patch
https://www.vulncheck.com/advisories/agno-field-type-eval-injection-arbitrary-c… third-party-advisory

Affected products

Agno

==cbf675521d4d2281925a051784a3b94172e56416
<2.3.24

Matching in nixpkgs

pkgs.nixf-diagnose

CLI wrapper for nixf-tidy with fancy diagnostic output

nixos-unstable 0.1.4
- nixpkgs-unstable 0.1.4
- nixos-unstable-small 0.1.4
nixos-25.11 0.1.4
- nixos-25.11-small 0.1.4
- nixpkgs-25.11-darwin 0.1.4

pkgs.coc-diagnostic

diagnostic-languageserver extension for coc.nvim

nixos-unstable 0-unstable-2025-01-15
- nixpkgs-unstable 0-unstable-2025-01-15
- nixos-unstable-small 0-unstable-2025-01-15
nixos-25.11 0.24.1
- nixos-25.11-small 0.24.1
- nixpkgs-25.11-darwin 0.24.1

pkgs.diagnostic-languageserver

General purpose Language Server that integrate with linter to support diagnostic features

nixos-unstable 1.15.0
- nixpkgs-unstable 1.15.0
- nixos-unstable-small 1.15.0
nixos-25.11 1.15.0
- nixos-25.11-small 1.15.0
- nixpkgs-25.11-darwin 1.15.0

pkgs.vimPlugins.coc-diagnostic

diagnostic-languageserver extension for coc.nvim

nixos-unstable 0-unstable-2025-01-15
- nixpkgs-unstable 0-unstable-2025-01-15
- nixos-unstable-small 0-unstable-2025-01-15
nixos-25.11 0.24.1
- nixos-25.11-small 0.24.1
- nixpkgs-25.11-darwin 0.24.1

pkgs.haskellPackages.castagnoli

Portable CRC-32C

nixos-unstable 0.2.0.2
- nixpkgs-unstable 0.2.0.2
- nixos-unstable-small 0.2.0.2
nixos-25.11 0.2.0.2
- nixos-25.11-small 0.2.0.2
- nixpkgs-25.11-darwin 0.2.0.2