Skip to main content

Ironic Python Agent

1 CVEs product

Monthly

CVE-2026-43003 PyPI HIGH PATCH GHSA This Week

Arbitrary code execution in OpenStack ironic-python-agent (IPA) versions 1.0.0 through 11.5.0 occurs because IPA runs grub-install from inside a chroot of the partition image it is deploying, so binaries supplied by a malicious image execute on the provisioning ramdisk. An attacker able to have a crafted partition image deployed can run code in the IPA context (typically root on the bare-metal node being provisioned). No public exploit identified at time of analysis; EPSS is negligible (0.01%) and CISA SSVC records exploitation status as none, but the technical impact is rated total.

Python RCE Ironic Python Agent
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Arbitrary code execution in OpenStack ironic-python-agent (IPA) versions 1.0.0 through 11.5.0 occurs because IPA runs grub-install from inside a chroot of the partition image it is deploying, so binaries supplied by a malicious image execute on the provisioning ramdisk. An attacker able to have a crafted partition image deployed can run code in the IPA context (typically root on the bare-metal node being provisioned). No public exploit identified at time of analysis; EPSS is negligible (0.01%) and CISA SSVC records exploitation status as none, but the technical impact is rated total.

Python RCE Ironic Python Agent
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy