security: vulnerability remediation by kernel-internal[bot] · Pull Request #188 · kernel/cli

kernel-internal · 2026-06-17T04:40:04Z

Vulnerability Remediation

This PR was generated by the Socket-centric vulnerability remediation workflow. Review the planned dependency changes and confirmation evidence before merging.

Fixed

CVE/GHSA	Package	Ecosystem	Old Version	New Version	Manifest	Confirmation
GHSA-537c-gmf6-5ccf	browser-use	None	0.11.1	0.12.3		confirmed

Not Included

Deferred by batch limit: 103 advisories. They will be considered by future runs.
Other deferred scanner findings: 8.
Unconfirmed attempted fixes: 0.

Deferred details

CVE/GHSA	Package	Reason
Unavailable from detector	json-schema	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	float	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	entities	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	entities	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	hashes	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	cheerio	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	github.com/godbus/dbus/v5	Non-CVE alert is not handled by dependency remediation.
Unavailable from detector	authlib	Missing CVE/GHSA identifier required for Socket fix planning.

Note

Low Risk
Single dependency version bump in a sample template manifest with no logic changes; main risk is minor API/behavior differences between 0.11.x and 0.12.3 for the template app.

Overview
Addresses GHSA-537c-gmf6-5ccf in the python/browser-use Kernel sample template by tightening the browser-use dependency from >=0.11.1 to an exact ==0.12.3 pin in pyproject.toml.

No application code changes; consumers of this template get the patched browser-use release when dependencies are resolved (e.g. via uv lock / install).

^{Reviewed by Cursor Bugbot for commit 2cf9e9b. Bugbot is set up for automated code reviews on this repo. Configure here.}

socket-security · 2026-06-17T04:40:37Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	pypi/pillow@12.1.1
	pypi/google-genai@1.55.0 ⏵ 1.65.0	^-1
	pypi/browser-use@0.11.1 ⏵ 0.12.3	^-10
	pypi/openai@2.12.0 ⏵ 2.16.0	⁺¹
	pypi/anthropic@0.76.0

View full report

socket-security · 2026-06-17T04:40:38Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Critical CVE: LiteLLM: Authentication Bypass via Host Header Injection CVE: GHSA-4xpc-pv4p-pm3w LiteLLM: Authentication Bypass via Host Header Injection (CRITICAL) Affected versions: < 1.84.0 Patched version: 1.84.0 From: pkg/templates/python/browser-use/uv.lock → `pypi/browser-use@0.12.3` → `pypi/litellm@1.83.0` ℹ Read more on: This package \| This alert \| What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/litellm@1.83.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Critical CVE: LiteLLM has SQL Injection in Proxy API key verification CVE: GHSA-r75f-5x8p-qvmc LiteLLM has SQL Injection in Proxy API key verification (CRITICAL) Affected versions: >= 1.81.16 < 1.83.7 Patched version: 1.83.7 From: pkg/templates/python/browser-use/uv.lock → `pypi/browser-use@0.12.3` → `pypi/litellm@1.83.0` ℹ Read more on: This package \| This alert \| What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/litellm@1.83.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: pypi `browser-use` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pkg/templates/python/browser-use/pyproject.toml → `pypi/browser-use@0.12.3` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/browser-use@0.12.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: pypi `browser-use` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pkg/templates/python/browser-use/pyproject.toml → `pypi/browser-use@0.12.3` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/browser-use@0.12.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: pypi `litellm` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pkg/templates/python/browser-use/uv.lock → `pypi/browser-use@0.12.3` → `pypi/litellm@1.83.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/litellm@1.83.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: pypi `litellm` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pkg/templates/python/browser-use/uv.lock → `pypi/browser-use@0.12.3` → `pypi/litellm@1.83.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/litellm@1.83.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: pypi `litellm` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pkg/templates/python/browser-use/uv.lock → `pypi/browser-use@0.12.3` → `pypi/litellm@1.83.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/litellm@1.83.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: pypi `litellm` is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pkg/templates/python/browser-use/uv.lock → `pypi/browser-use@0.12.3` → `pypi/litellm@1.83.0` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/litellm@1.83.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

firetiger-agent · 2026-06-17T04:42:39Z

Created a monitoring plan for this PR.

What this PR does: Patches a high-severity security vulnerability (GHSA-537c-gmf6-5ccf — vulnerable OpenSSL in cryptography wheels) in the CLI's browser-use sample app template. New projects scaffolded from this template will no longer include the affected dependency.

Intended effect: No production telemetry signal exists for CLI template usage — this is a template-only change with no deployed service. Confirmation is structural: the lockfile pins browser-use==0.12.3 and aiohttp==3.13.3, which resolve without the vulnerable OpenSSL transitive dependency. Manual validation (run uv sync + scaffold and execute the template) is the only applicable check.

Risks:

browser-use API break — browser-use 0.11→0.12 may change Browser/Agent constructor signatures; alert if scaffolded template fails to run (ImportError or TypeError at startup)
aiohttp 3.13.x incompatibility — transitive bump from 3.12.15 to 3.13.3; alert if uv sync fails or generated app raises aiohttp-related exceptions at startup
lockfile resolution failure on edge Python versions — pinned wheels may be missing for some platforms; alert if uv sync errors on supported Python ≥3.11 runtimes

View monitor

security: vulnerability remediation (2026-06-17)

2cf9e9b

kernel-internal Bot assigned ulziibay-kernel Jun 17, 2026

kernel-internal Bot requested a review from ulziibay-kernel June 17, 2026 04:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security: vulnerability remediation#188

security: vulnerability remediation#188
kernel-internal[bot] wants to merge 1 commit into
mainfrom
security/vuln-remediation

kernel-internal Bot commented Jun 17, 2026 •

edited by cursor Bot

Loading

Uh oh!

socket-security Bot commented Jun 17, 2026

Uh oh!

socket-security Bot commented Jun 17, 2026

Uh oh!

firetiger-agent Bot commented Jun 17, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

kernel-internal Bot commented Jun 17, 2026 • edited by cursor Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Vulnerability Remediation

Fixed

Not Included

Uh oh!

socket-security Bot commented Jun 17, 2026

Uh oh!

socket-security Bot commented Jun 17, 2026

Uh oh!

firetiger-agent Bot commented Jun 17, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

kernel-internal Bot commented Jun 17, 2026 •

edited by cursor Bot

Loading