CVE-2026-33057
Unrestricted Remote Code Execution in Mesop ai/testing Module
Publication date: 2026-03-20
Last updated on: 2026-03-24
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mesop-dev | mesop | to 1.2.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-33057 is a critical vulnerability in the Mesop Python-based UI framework (versions 1.2.2 and below) that allows unauthenticated remote code execution. The issue exists in an explicit web endpoint `/exec-py` inside the AI testing module's Flask server, which accepts base64-encoded Python code via a POST request parameter named `code`. This code is decoded, saved to the host system, and executed without any authentication or input validation."}, {'type': 'paragraph', 'content': 'Any attacker capable of sending HTTP requests to this endpoint can execute arbitrary commands on the host machine with the privileges of the running service, leading to full system compromise.'}] [1]
How can this vulnerability impact me? :
This vulnerability allows remote attackers to execute arbitrary code on the affected system without authentication or user interaction. As a result, attackers can gain full control over the host machine, compromising confidentiality, integrity, and availability.
- Complete system takeover by executing arbitrary commands.
- Potential data theft or destruction.
- Disruption of service or system availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking for the presence of the vulnerable `/exec-py` endpoint in the Mesop application, specifically in versions 1.2.2 and below. Since the endpoint accepts base64-encoded Python code via a POST request parameter named `code`, you can attempt to send a test payload to see if the server executes it.'}, {'type': 'paragraph', 'content': 'A simple detection command using curl to test the vulnerability could be:'}, {'type': 'list_item', 'content': 'curl -X POST http://<target-server>/exec-py -d "code=$(echo -n \'import os; os.system(\\\'touch /tmp/pwned.txt\\\')\' | base64 -w0)"'}, {'type': 'paragraph', 'content': 'If the file `/tmp/pwned.txt` is created on the target system, it confirms the vulnerability is present and exploitable.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the Mesop package to version 1.2.3 or later, where this vulnerability has been fixed.
If upgrading is not immediately possible, you should disable or remove the vulnerable AI testing module and its Flask server, particularly the `/exec-py` endpoint, to prevent unauthenticated remote code execution.
According to the codebase changes, the entire AI package and its fine-tuning infrastructure were removed to address this issue, so removing these components is an effective mitigation.