GHSA-vp22-38m5-r39r: PySpector has a Plugin Code Execution Bypass via Incomplete Static Analysis in PluginSecurity.validate_plugin_code

April 16, 2026

The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. The blocklist implemented in PluginSecurity.validate_plugin_code is incomplete and can be bypassed using several Python constructs that are not checked. An attacker who can supply a plugin file can achieve arbitrary code execution within the PySpector process when that plugin is installed and executed.

References

github.com/ParzivalHack/PySpector
github.com/ParzivalHack/PySpector/security/advisories/GHSA-vp22-38m5-r39r
github.com/advisories/GHSA-vp22-38m5-r39r

Code Behaviors & Features

Detect and mitigate GHSA-vp22-38m5-r39r with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →