Skip to main content

Verl

1 CVEs product

Monthly

CVE-2026-6878 PyPI LOW POC GHSA Monitor

Sandbox bypass in ByteDance verl up to version 0.7.0 allows remote attackers to achieve limited information disclosure through manipulation of the math_equal function in prime_math/grader.py. The vulnerability requires high attack complexity and has been publicly documented with exploit code available, though the vendor has not responded to early disclosure attempts.

Information Disclosure Verl
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.0%
EPSS 0% CVSS 2.9
LOW POC Monitor

Sandbox bypass in ByteDance verl up to version 0.7.0 allows remote attackers to achieve limited information disclosure through manipulation of the math_equal function in prime_math/grader.py. The vulnerability requires high attack complexity and has been publicly documented with exploit code available, though the vendor has not responded to early disclosure attempts.

Information Disclosure Verl
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy