Description
Mesop is a Python-based UI framework for building web applications. In versions 1.2.2 and below, a web endpoint in the ai/ testing module accepts untrusted Python code strings and executes them without any authentication, yielding unrestricted remote code execution: anyone who can send HTTP requests to this server gains command execution on the host machine. The AI codebase package includes a lightweight debugging Flask server in ai/sandbox/wsgi_app.py. Its /exec-py route accepts a base64-encoded code string in the code parameter of a plain POST request, writes it to a file on the filesystem and executes it via execute_module(module_path...). This issue has been fixed in version 1.2.3.
Published: 2026-03-20
Score: 9.8 Critical
EPSS: 8.4% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an attacker to execute arbitrary Python code on the host. An insecure /exec-py route in Mesop's ai testing module accepts base64-encoded Python code and executes it without authentication or validation, leading to uncontrolled code execution on the server and representing a classic code injection flaw identified as CWE-94.

Affected Systems

The affected product is Mesop from mesop-dev. Versions 1.2.2 and earlier are impacted; the issue was fixed in 1.2.3.

Risk and Exploitability

With a CVSS score of 9.8 the risk is extremely high. The EPSS score is 8%, indicating a higher public exploitation probability, but the vulnerability can be triggered by any unauthenticated HTTP request to the /exec-py endpoint, which can be reached by anyone able to route traffic to the Mesop application. The unauthenticated route allows immediate host-level command execution; the vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on May 2, 2026 at 00:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mesop to version 1.2.3 or later.
  • If upgrading is not possible immediately, disable or remove the /exec-py route (or the ai/sandbox/wsgi_app debugging server).
  • Restrict network exposure of the Mesop application, ensuring only trusted hosts can reach the /exec-py endpoint.

Generated by OpenCVE AI on May 2, 2026 at 00:45 UTC.
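Two defensive checks for the route the advisory names, written here as an added example (not Mesop's or OpenCVE's code): a WSGI wrapper that refuses requests to /exec-py before the debugging app ever handles them, for the interim case where the server cannot be taken offline yet, and a scan of access-log lines that shows whether the route was ever reached. It assumes the debugging server is an ordinary WSGI/Flask app and uses constructed log lines; the code parameter itself travels in the POST body and is not visible in such logs.

```python
import re
from typing import Callable, Iterable

# Route named in the advisory; the only page-provided detail this example relies on.
BLOCKED_PATHS = {"/exec-py"}

def block_debug_routes(app: Callable, blocked=BLOCKED_PATHS) -> Callable:
    """WSGI middleware: answer 404 for the listed paths before the wrapped app sees them."""
    def wrapped(environ, start_response):
        path = environ.get("PATH_INFO", "") or "/"
        if path.rstrip("/") in blocked:        # "/exec-py/" is normalised to "/exec-py"
            body = b"Not Found"
            start_response("404 Not Found", [("Content-Type", "text/plain"),
                                             ("Content-Length", str(len(body)))])
            return [body]
        return app(environ, start_response)
    return wrapped

def _echo_app(environ, start_response):
    """Stand-in for the real debugging server; any WSGI/Flask app is wrapped the same way."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"reached backend"]

def call_wsgi(app: Callable, path: str, method: str = "POST") -> tuple[str, bytes]:
    """Invoke a WSGI app in-process and return (status line, body) to verify the block."""
    captured = {}
    def start_response(status, headers, exc_info=None):
        captured["status"] = status
    body = b"".join(app({"PATH_INFO": path, "REQUEST_METHOD": method}, start_response))
    return captured["status"], body

# Request line of a combined-format access log, e.g. "POST /exec-py HTTP/1.1" 200
_REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>[^ ?"]+)[^"]*" (?P<status>\d{3})')

def find_exec_py_hits(lines: Iterable[str]) -> list[tuple[str, str]]:
    """(method, status) for each log line that requested /exec-py: was the route called?"""
    hits = []
    for line in lines:
        m = _REQ_RE.search(line)
        if m and m.group("path").rstrip("/") in BLOCKED_PATHS:
            hits.append((m.group("method"), m.group("status")))
    return hits

# Constructed sample log lines (not real traffic) to exercise the detector.
SAMPLE_LOG = [
    '10.0.0.5 - - [20/Mar/2026:10:00:01 +0000] "GET / HTTP/1.1" 200 512',
    '10.0.0.9 - - [20/Mar/2026:10:00:07 +0000] "POST /exec-py HTTP/1.1" 200 0',
    '10.0.0.9 - - [20/Mar/2026:10:00:09 +0000] "POST /exec-py/ HTTP/1.1" 404 9',
]
```

For a Flask app object app, the wrapper is installed with app.wsgi_app = block_debug_routes(app.wsgi_app); removing the route or upgrading to 1.2.3 remains the actual fix.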


Advisories

Source: GitHub GHSA
ID: GHSA-gjgx-rvqr-6w6v
Title: Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
History

Wed, 25 Mar 2026 14:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 16:15:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:mesop-dev:mesop:*:*:*:*:*:*:*:*

Fri, 20 Mar 2026 09:00:00 +0000

Type: First Time appeared
Values Added: Mesop-dev; Mesop-dev mesop
Type: Vendors & Products
Values Added: Mesop-dev; Mesop-dev mesop

Fri, 20 Mar 2026 07:45:00 +0000

Type: Description
Values Added: Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard Unrestricted Remote Code Execution. Any individual capable of routing HTTP logic to this server block will gain explicit host-machine command rights. The AI codebase package includes a lightweight debugging Flask server inside ai/sandbox/wsgi_app.py. The /exec-py route accepts base_64 encoded raw string payloads inside the code parameter natively evaluated by a basic POST web request. It saves it rapidly to the operating system logic path and injects it recursively using execute_module(module_path...). This issue has been fixed in version 1.2.3.
Type: Title
Values Added: Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Type: Weaknesses
Values Added: CWE-94
Type: References
Type: Metrics (cvssV3_1)
Values Added: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-25T13:52:27.880Z

Reserved: 2026-03-17T18:10:50.213Z

Link: CVE-2026-33057

Vulnrichment

Updated: 2026-03-25T13:51:56.554Z

NVD

Status : Analyzed

Published: 2026-03-20T08:16:11.763

Modified: 2026-03-24T16:04:15.727

Link: CVE-2026-33057

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T01:00:15Z

Weaknesses