An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query.
"https://github.com/pypa/advisory-database/blob/main/vulns/whoogle-search/PYSEC-2026-2048.yaml"