VYPR

Python Utcp

by Universal Tool Calling Protocol

CVEs (5)

  • CVE-2026-45369 · High · May 14, 2026
    risk 0.54 · cvss 8.3 · epss 0.00

    python-utcp is the Python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled tool_args values directly into shell command strings without any sanitization or escaping. These commands are then executed…

  • CVE-2026-45370 · High · May 14, 2026
    risk 0.50 · cvss 7.7 · epss 0.00

    python-utcp is the Python implementation of UTCP. Prior to 1.1.3, _prepare_environment() in cli_communication_protocol.py passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, an attacker can exfiltrate all process-level secrets in a single…

  • CVE-2025-14542 · High · Dec 13, 2025
    risk 0.42 · cvss 7.5 · epss 0.00

    The vulnerability arises when a client fetches the tools’ JSON specification, known as a Manual, from a remote Manual Endpoint. While a provider may initially serve a benign manual (e.g., one defining an HTTP tool call), earning the clients’ trust, a malicious provider can…

  • CVE-2026-12210 · Medium · Jun 15, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit is…

  • CVE-2026-44661 · Medium · May 14, 2026
    risk 0.31 · cvss 4.7 · epss 0.00

    python-utcp is the Python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a trust-boundary inconsistency between manual discovery and tool invocation. register_manual() validates the discovery URL…