CVE-2026-4500 - Vulnerability Details

- bagofwords1 bagofwords code_execution.py generate_df injection

Description

A vulnerability was identified in bagofwords1 bagofwords up to 0.0.297. This impacts the function generate_df of the file backend/app/ai/code_execution/code_execution.py. Such manipulation leads to injection. The attack may be launched remotely. The exploit is publicly available and might be used. Upgrading to version 0.0.298 will fix this issue. The name of the patch is 47b20bcda31264635faff7f6b1c8095abe1861c6. It is recommended to upgrade the affected component.

Published: 2026-03-20

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An injection flaw in the generate_df function of bagofwords1 bagofwords permits attackers to inject data that is processed by the backend, allowing remote execution of arbitrary code. The flaw aligns with CWE-74 for input injection and CWE-707 for unsafe handling of user-provided data. Because the exploit is publicly available and can be triggered over the network, an attacker can compromise the entire application if they gain access to the remote interface. The vulnerability can lead to loss of confidentiality and integrity of application data, as well as denial of service if the injected content disrupts normal function.

Affected Systems

bagofwords1 bagofwords versions up to and including 0.0.297 are affected. Updating to version 0.0.298, which contains the referenced patch with commit hash 47b20bcda31264635faff7f6b1c8095abe1861c6, resolves the issue.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity, and the EPSS score is not available, which does not allow precise quantification of exploitation probability. The vulnerability is not listed in the CISA KEV catalog, but the publicly available exploit and remote attack surface increase the practical risk. Exploitation requires network access to the application and the ability to supply crafted input through the generate_df endpoint, making it a remote exploitation vector.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

bagofwords1

bagofwords

affected

Version	Status	Constraints
`0.0.297`	affected	—
`0.0.298`	unaffected	—

No data.

Vendor Product Confidence Versions

Bagofwords1

Bagofwords

100%

Version	Status	Scheme	Platform
`0.0.297`	affected	semver	—
`0.0.298`	unaffected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade bagofwords1 bagofwords to version 0.0.298 or later to apply the security patch.

Generated by OpenCVE AI on March 20, 2026 at 20:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00028.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/Ka7arotto/cve/blob/main/bagofwords-rce.md
https://github.com/bagofwords1/bagofwords/
https://github.com/bagofwords1/bagofwords/commit/47b20bcda31264635faff7f6b1c8095abe1861c6
https://github.com/bagofwords1/bagofwords/issues/60
https://github.com/bagofwords1/bagofwords/pull/63
https://github.com/bagofwords1/bagofwords/releases/tag/v0.0.298
https://vuldb.com/?ctiid.352065
https://vuldb.com/?id.352065
https://vuldb.com/?submit.773890

History

Tue, 24 Mar 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 23 Mar 2026 10:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Bagofwords1 Bagofwords1 bagofwords
Vendors & Products		Bagofwords1 Bagofwords1 bagofwords

Fri, 20 Mar 2026 19:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was identified in bagofwords1 bagofwords up to 0.0.297. This impacts the function generate_df of the file backend/app/ai/code_execution/code_execution.py. Such manipulation leads to injection. The attack may be launched remotely. The exploit is publicly available and might be used. Upgrading to version 0.0.298 will fix this issue. The name of the patch is 47b20bcda31264635faff7f6b1c8095abe1861c6. It is recommended to upgrade the affected component.
Title		bagofwords1 bagofwords code_execution.py generate_df injection
Weaknesses		CWE-707 CWE-74
References		https://github.com/Ka7arotto/cve/blob/main/bagofwords-rce.md https://github.com/bagofwords1/bagofwords/ https://github.com/bagofwords1/bagofwords/commit/47b20bcda31264635faff7f6b1c8095abe1861c6 https://github.com/bagofwords1/bagofwords/issues/60 https://github.com/bagofwords1/bagofwords/pull/63 https://github.com/bagofwords1/bagofwords/releases/tag/v0.0.298 https://vuldb.com/?ctiid.352065 https://vuldb.com/?id.352065 https://vuldb.com/?submit.773890
Metrics		cvssV2_0 `{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}` cvssV3_0 `{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}` cvssV3_1 `{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}` cvssV4_0 `{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Bagofwords1 Bagofwords

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-20T19:32:33.452Z

Updated: 2026-03-24T19:30:36.410Z

Reserved: 2026-03-20T12:38:08.859Z

Link: CVE-2026-4500

Vulnrichment

Updated: 2026-03-24T19:30:27.592Z

NVD

Status : Deferred

Published: 2026-03-20T20:16:50.450

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-4500

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:34:51Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object