CVE-2026-25905 | mcp-run-python Pyodide API runPython/runPythonAsync improper isolation or compartmentalization (jfsa-2026-001653)

Inserito da Angelo Barbosa | Feb 9, 2026 | CVE

A vulnerability, which was classified as problematic, was found in mcp-run-python. Impacted is the function runPython/runPythonAsync of the component Pyodide API. The manipulation results in improper isolation or compartmentalization.

This vulnerability is identified as CVE-2026-25905. The attack can be executed remotely. There is not any exploit available.

CVE-2026-25905 | mcp-run-python Pyodide API runPython/runPythonAsync improper isolation or compartmentalization (jfsa-2026-001653)

Post correlati

CVE-2024-36501 | Huawei HarmonyOS/EMUI out-of-bounds write

CVE-2024-2667 | InstaWP Connect Plugin up to 0.1.0.22 on WordPress unrestricted upload

CVE-2024-0111 | NVIDIA CUDA Toolkit up to 12.6 cuobjdump improper validation of specified quantity in input

CVE-2025-30026 | Axis Camera Station Pro/Camera Station authentication bypass (EUVD-2025-21109)