A vulnerability identified as critical has been detected in Agno up to 2.3.23 . Affected is the function eval of the component Parameter Handler . The manipulation of the argument field_type leads to improper neutralization of directives in dynamically evaluated code. This vulnerability is documented as CVE-2026-35002 . The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.