๐Ÿ›ก๏ธ NAIL Institute โ€” AVE Database

โ† Back to Database

Pydantic Schema Exploitation

๐ŸŸ  HIGH injection proven AVE-2025-0019

ยท aka: Structured Output Injection, Schema Coercion

Summary

5 distinct attack patterns exploit Pydantic-based structured output parsing in agentic frameworks. Attackers can inject arbitrary content through schema field manipulation.

Blast Radius

Arbitrary data injection through validated schemas.

Prerequisites

Framework using Pydantic for LLM output parsing.

Environment

  • Frameworks: LangGraph
  • Models tested: [Available in NAIL SDK]
  • Multi-agent: No
  • Tools required: No
  • Memory required: No

Related