CVE-2025-4767 – Defog-ai Introspect Code Injection Vulnerability

CVE ID : CVE-2025-4767

Published : May 16, 2025, 10:15 a.m. | 44 minutes ago

Description : A vulnerability was found in defog-ai introspect up to 0.1.4. It has been rated as critical. Affected by this issue is the function test_custom_tool of the file introspect/backend/integration_routes.py of the component Test Endpoint. The manipulation of the argument input_model leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…