pydantic-ai

Latest secure version 2.0.0b6

Agent Framework / shim to use Pydantic with LLMs

MIT

Known vulnerabilities and security issues detected in the extension's dependencies and code.

Vulnerability ID	Advisory				Affected Versions
CVE-2026-25580	Affected versions of the pydantic-ai package are vulnerable to Server-Side Request Forgery (SSRF) due to missing validation that downloaded URLs resolve to public internet addresses. The download_item…	High	–	–	>=0.0.26,<1.56.0
CVE-2026-46678	Affected versions of the pydantic-ai package are vulnerable to Server-Side Request Forgery due to the cloud-metadata and private-IP blocklists failing to handle IPv6 transition representations of bloc…	Medium	–	–	>=1.56.0,<1.99.0
CVE-2026-25640	Affected versions of the pydantic-ai package are vulnerable to Cross-site Scripting (XSS) due to an unvalidated version query parameter being used to build a CDN URL. In the Pydantic AI web UI served …	Medium	–	–	>=1.34.0,<1.51.0

Additional security issues found by Safety, exclusive to our platform.

Safety discovered vulnerability data is available for Enterprise customers

Book a call with us to see Safety in action.

Functions linked to known vulnerabilities in this package.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.