CVE-2025-12695: 
Python vulnerability analysis and mitigation

The vulnerability (CVE-2025-12695) affects DSPy, specifically related to its sandbox configuration. Discovered and disclosed on November 4, 2025, this security flaw impacts DSPy versions up to and including 3.0.3. The vulnerability stems from an overly permissive sandbox configuration that affects scenarios where users build AI agents that consume user input and utilize the 'PythonInterpreter' class (JFrog Research, Miggo).

The vulnerability has been assigned a CVSS v3.1 base score of 5.9 (Medium), with a CVSS vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N. This indicates that the vulnerability is network-accessible, requires high attack complexity, needs no privileges or user interaction, has unchanged scope, and can impact confidentiality but not integrity or availability (AttackerKB, Miggo).

The primary impact of this vulnerability is the potential for unauthorized access to sensitive files. When successfully exploited, attackers can steal sensitive files from the system where the DSPy application is running (JFrog Research).

No official mitigations have been provided for this vulnerability at the time of disclosure. Users are advised to upgrade to versions newer than 3.0.3 once they become available (JFrog Research).