PT-2026-34599 · Pyspector · Pyspector

Fg0X0 · Published 2026-04-16 · Updated 2026-04-23 · CVE-2026-41206

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

PySpector versions prior to 0.1.8

Description

The plugin security validator uses AST-based static analysis to prevent dangerous code from being loaded as plugins. The blocklist implemented in the validate_plugin_code() function is incomplete and can be bypassed using several Python constructs that are not checked. An attacker who can supply a plugin file can achieve arbitrary code execution within the process when that plugin is installed and executed.

Recommendations

Update to version 0.1.8.

Exploit

Fix

Incomplete List of Disallowed Inputs

Weakness Enumeration

Related Identifiers

CVE-2026-41206
GHSA-VP22-38M5-R39R

Affected Products

Pyspector