CVE-2025-11844
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-30

Assigner: huntr.dev

Description
Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the search_item_ctrl_f function located in src/smolagents/vision_web_browser.py. The function constructs an XPath query by directly concatenating user-supplied input into the XPath expression without proper sanitization or escaping. This allows an attacker to inject malicious XPath syntax that can alter the intended query logic. The vulnerability enables attackers to bypass search filters, access unintended DOM elements, and disrupt web automation workflows. This can lead to information disclosure, manipulation of AI agent interactions, and compromise the reliability of automated web tasks. The issue is fixed in version 1.22.0.
Meta Information
Published: 2025-10-22
Last Modified: 2025-10-30
Generated: 2026-05-07
AI Q&A: 2025-10-22
EPSS Evaluated: 2026-05-05
External records: NVD, EUVD
Affected Vendors & Products (1 associated CPE)
Vendor: huggingface
Product: smolagents
Version / Range: from 1.20.0 (inclusive) to 1.22.0 (exclusive)
CWE
CWE-643: The product uses external input to dynamically construct an XPath expression used to retrieve data from an XML database, but it does not neutralize or incorrectly neutralizes that input. This allows an attacker to control the structure of the query.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an XPath injection in the search_item_ctrl_f function of Hugging Face Smolagents version 1.20.0. The function builds an XPath query by directly inserting user input without proper sanitization or escaping. This allows attackers to inject malicious XPath syntax, altering the query logic to bypass search filters, access unintended DOM elements, and disrupt web automation workflows.


How can this vulnerability impact me?

The vulnerability can lead to information disclosure, manipulation of AI agent interactions, and compromise the reliability of automated web tasks by allowing attackers to bypass search filters and access unintended parts of the web page's DOM.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this XPath injection vulnerability involves reviewing the version of Hugging Face Smolagents installed (vulnerable if version 1.20.0) and analyzing the usage of the search_item_ctrl_f function in src/smolagents/vision_web_browser.py for unsafe XPath query construction. Network or system detection commands are not explicitly provided in the resources. However, you can check the installed package version using commands like `pip show smolagents` or inspect the source code for the vulnerable function. Additionally, monitoring for unusual or unexpected XPath queries or errors in web automation logs may help identify exploitation attempts. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade Hugging Face Smolagents to version 1.22.0 or later, where the XPath injection vulnerability in search_item_ctrl_f has been fixed. Avoid using the vulnerable version 1.20.0 and ensure that user inputs are properly sanitized or escaped before being used in XPath queries. [1]
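The fix the answer above describes, "ensure that user inputs are properly sanitized or escaped before being used in XPath queries", is easiest to see side by side with the CWE-643 pattern from the description. The following is an added example written for this page; it is not code from the BaseFortify record or from the smolagents project, and the function names, the `//*[contains(text(), ...)]` query shape and the sample search strings are assumptions chosen to illustrate the class of bug, not the project's actual implementation. XPath 1.0 string literals have no escape sequences, so a value containing both quote kinds has to be split into `concat()` pieces; the `xpath_string_literal` helper below handles all three cases.

```python
# Added example (not code from the BaseFortify page or the smolagents project).
# Shows the CWE-643 pattern (user text concatenated into an XPath query) next to
# a builder that quotes the value as a proper XPath 1.0 string literal, so the
# text can never change the structure of the query. Function names and the
# query shape are assumptions for illustration.


def vulnerable_search_xpath(text: str) -> str:
    """CWE-643 pattern: the search text is dropped straight into the expression.

    Any single quote in `text` closes the literal early, so the rest of the
    value becomes XPath syntax instead of data.
    """
    return f"//*[contains(text(), '{text}')]"


def xpath_string_literal(value: str) -> str:
    """Encode an arbitrary Python string as a single XPath 1.0 string literal.

    - no single quote in the value  -> wrap in single quotes
    - no double quote in the value  -> wrap in double quotes
    - both kinds present            -> concat() of single-quoted pieces joined
                                       by a double-quoted "'" literal
    """
    if "'" not in value:
        return f"'{value}'"
    if '"' not in value:
        return f'"{value}"'
    parts = value.split("'")
    # Each part contains no single quote, so single-quoting it is always safe;
    # the separator re-inserts the removed single quote as its own literal.
    return "concat(" + ", \"'\", ".join(f"'{part}'" for part in parts) + ")"


def safe_search_xpath(text: str) -> str:
    """Same query as above, but the search text is always a complete literal."""
    return f"//*[contains(text(), {xpath_string_literal(text)})]"


def single_quotes_balanced(query: str) -> bool:
    """Cheap sanity check used in the demo: an odd number of single quotes
    means a literal was opened or closed by the user-supplied text."""
    return query.count("'") % 2 == 0


if __name__ == "__main__":
    # Constructed sample inputs: ordinary text, text with an apostrophe, and
    # text mixing both quote kinds.
    for sample in ("Login", "O'Reilly", 'it\'s "quoted"'):
        bad = vulnerable_search_xpath(sample)
        good = safe_search_xpath(sample)
        print(f"input : {sample!r}")
        print(f"  unsafe: {bad}   balanced={single_quotes_balanced(bad)}")
        print(f"  safe  : {good}")
```

The check is deliberately structural: the safe builder never inspects the input for "bad" characters (a deny list would miss cases), it just guarantees that whatever the agent or user supplied is emitted as literal data. If the project's query ever needs a number rather than text, the same principle applies: convert and validate the type before interpolating, do not concatenate raw strings.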

