CVE Tools
Sign in

CVE-2025-11844

XPath Injection in Hugging Face Smolagents search_item_ctrl_f Function

Published: Oct 22, 2025Updated: Oct 30, 2025 Sources: CVE List NVD GHSA BDUCWE-643
NVD MITRE
5.4CVSSMEDIUM
EPSS Score
0.3%
Top 83.7%
CISA KEV
Not in KEV
Exploits
1 Known
Remediation
Patch Available

Description

Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the search_item_ctrl_f function located in src/smolagents/vision_web_browser.py. The function constructs an XPath query by directly concatenating user-supplied input into the XPath expression without proper sanitization or escaping. This allows an attacker to inject malicious XPath syntax that can alter the intended query logic. The vulnerability enables attackers to bypass search filters, access unintended DOM elements, and disrupt web automation workflows. This can lead to information disclosure, manipulation of AI agent interactions, and compromise the reliability of automated web tasks. The issue is fixed in version 1.22.0.

CVSS Vector Breakdown

AV:NAC:LPR:NUI:RS:UC:LI:LA:N
Exploitability
AV:NAttack Vector
Network
AC:LAttack Complexity
Low
PR:NPrivileges Required
None
UI:RUser Interaction
Required
Scope
S:UScope
Unchanged
Impact
C:LConfidentiality
Low
I:LIntegrity
Low
A:NAvailability
None
Open in CVSS calculator →

Weaknesses

CWE-643

Affected Products

huggingface/smolagentshuggingface
SaaS
AI / ML / ml-framework
smolagentshuggingface
SaaS
AI / ML / ml-framework
smolagentsPyPIOSS Libraries
SmolagentsHugging Face, Inc.
Mixed
AI / ML / ml-framework
huggingfacecommercialAI / MLaka transformers, huggingface/transformers, smolagents
pypipackage-ecosystemOSS Libraries
hugging face, inc.commercialAI / MLaka huggingface, transformers, smolagents

Exploitability

1 exploit source identified

Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.

View exploit details
Official Patch Available

References

https://huntr.com/bounties/01ab4405-9bca-4b26-b7a3-5ca1863a69b4
huntr.com
https://github.com/huggingface/smolagents/commit/f570ed5e17999d4cf7d5e79c2830fbaefab8a794
github.com
https://nvd.nist.gov/vuln/detail/CVE-2025-11844
nvd.nist.gov
and 2 more references View all →

Timeline

Published
Oct 22, 2025
Last Updated
Oct 30, 2025

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2025-11844 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows