CVE-2026-41206
Published: 23 April 2026
Summary
CVE-2026-41206 is a high-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in Parzivalhack Pyspector. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Python (T1059.006). It ranks in the 5.1 percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-11 (User-installed Software) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly requires timely identification, reporting, and patching of the incomplete blocklist flaw in PySpector's plugin validator to prevent arbitrary code execution.
- Enforces policies and monitoring for user-installed software, such as malicious PySpector plugins, to block their installation and execution.
- Mandates vulnerability scanning and monitoring from authoritative sources to detect and address flaws like CVE-2026-41206 in PySpector prior to exploitation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability bypasses plugin validation, allowing arbitrary malicious Python code to execute (T1059.006); it requires user interaction to load the malicious plugin file (T1204.002).
NVD Description
PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the blocklist implemented in `PluginSecurity.validate_plugin_code` is incomplete and can be bypassed using several Python constructs that are not checked. An attacker who can supply a plugin file can achieve arbitrary code execution within the PySpector process when that plugin is installed and executed. Version 0.1.8 fixes the issue.
Deeper analysis
CVE-2026-41206 affects PySpector, a static analysis security testing (SAST) framework designed for modern Python development workflows. The vulnerability resides in the plugin security validator, specifically the `PluginSecurity.validate_plugin_code` function, which relies on AST-based static analysis and an incomplete blocklist to prevent dangerous code from loading as plugins. In versions prior to 0.1.8, this blocklist can be bypassed using various unchecked Python constructs, enabling malicious plugin code to execute.
An attacker who can supply a malicious plugin file can exploit this issue when the plugin is installed and executed within PySpector. The CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) indicates that exploitation requires local access, low attack complexity, no privileges, and user interaction, such as loading the plugin. Successful exploitation results in arbitrary code execution within the PySpector process, potentially compromising confidentiality, integrity, and availability.
The GitHub security advisory (GHSA-vp22-38m5-r39r) and related commits detail the fix in version 0.1.8, which addresses the incomplete blocklist. Security practitioners should upgrade to PySpector 0.1.8 or later and validate plugins from untrusted sources carefully, as the issue is tied to CWE-184 (incomplete list of disallowed inputs).
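The root cause class here (CWE-184) is a validator that enumerates forbidden constructs and so fails open for anything it did not think of. The following is an added, constructed example of the opposite design for an AST-based plugin validator, a default-deny allowlist of node types and modules; it is not PySpector's code, and the allowed node set, the allowed modules, and the two sample plugins are assumptions made for illustration.

```python
import ast
# Added, constructed example of an allowlist-based plugin validator (not PySpector's
# code): it enumerates what a plugin MAY use instead of what it may not (CWE-184).
ALLOWED_NODES = {
    ast.Module, ast.Import, ast.ImportFrom, ast.alias, ast.ClassDef,
    ast.FunctionDef, ast.arguments, ast.arg, ast.Return, ast.Assign, ast.Expr,
    ast.If, ast.For, ast.Pass, ast.Call, ast.keyword, ast.Name, ast.Attribute,
    ast.Subscript, ast.Constant, ast.List, ast.Tuple, ast.Dict, ast.ListComp,
    ast.comprehension, ast.Compare, ast.BoolOp, ast.UnaryOp, ast.Load, ast.Store,
    ast.Eq, ast.NotEq, ast.In, ast.NotIn, ast.Is, ast.IsNot, ast.And, ast.Or, ast.Not,
}
ALLOWED_MODULES = {"ast", "re", "typing", "dataclasses"}  # assumed plugin needs

def validate_plugin_code(source: str) -> list[str]:
    """Return findings for a plugin source; an empty list means it is accepted."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"syntax error: {exc.msg}"]
    findings = []
    for node in ast.walk(tree):
        # Default deny: any node type not explicitly allowlisted is a finding.
        if type(node) not in ALLOWED_NODES:
            findings.append(f"line {getattr(node, 'lineno', '?')}: disallowed construct {type(node).__name__}")
        # Imports must name an allowlisted top-level module.
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            mods = [a.name for a in node.names] if isinstance(node, ast.Import) else [node.module or ""]
            for mod in mods:
                if mod.split(".")[0] not in ALLOWED_MODULES:
                    findings.append(f"line {node.lineno}: import of non-allowlisted module {mod!r}")
        # Dunder names reach interpreter internals; reject them regardless of context.
        if isinstance(node, (ast.Name, ast.Attribute)):
            ident = node.id if isinstance(node, ast.Name) else node.attr
            if ident.startswith("__") and ident.endswith("__"):
                findings.append(f"line {node.lineno}: dunder identifier {ident!r}")
    return findings

# Constructed sample plugins: one inside the allowlist, one outside it.
SAFE_PLUGIN = """\
import ast
def check(tree):
    return [n.lineno for n in ast.walk(tree) if isinstance(n, ast.Call)]
"""
UNSAFE_PLUGIN = """\
import os
def check(tree):
    while True:
        return os.getcwd()
"""
```

The `while` loop in the second sample is harmless, and that is the point: an allowlist rejects it because nobody approved it, whereas a blocklist only rejects what someone remembered to forbid.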
Details
- CWE(s)