High nvd · CVE-2026-42079

CVE-2026-42079: PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable t

Published May 4, 2026 CVSS 8.6

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary code execution via Python eval() of LLM-generated code with builtins in scope. This issue has been patched via commit 418491a.

Remote Code Execution Agentic / MCP

Affected AI Products

agentic llm

View original source

Get the weekly digest. Every Monday: top AI security stories of the week. Free.