[Bug]: Unsafe Loader Allows Arbitrary Command Execution

## Summary
Loading untrusted YAML with `yaml.Loader` or `yaml.unsafe_load` accepts `!!python/object/apply` payloads that invoke arbitrary Python functions and OS commands.


**poc**:
```python
import yaml
yaml.load("!!python/object/apply:os.system ['echo PWNED']", Loader=yaml.Loader)
```

**Traceback:**
```
$ uv run python
Python 3.10.18 (main, Sep  2 2025, 14:19:37) [Clang 20.1.4 ] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import yaml
>>> yaml.load("!!python/object/apply:os.system ['echo PWNED']", Loader=yaml.Loader)
PWNED
0
>>> 
```

## Suggested Fix
- Point `yaml.Loader` at `yaml.SafeLoader` by default. (Just like what was recommended in #851)
- Block or gate `!!python/object/*` tags behind explicit opt-in. (At least block os.system)




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Bug]: Unsafe Loader Allows Arbitrary Command Execution #900

Summary

Suggested Fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Bug]: Unsafe Loader Allows Arbitrary Command Execution #900

Description

Summary

Suggested Fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions