ace-step (=0.1.0), agent-memory-jojo (=0.1.3) +165 more potentially affected by CVE-2025-3262 via transformers (>=4.49.0 <=4.50.3)

transformers PYPI version =4.49.0, =3.2.0, =2.2.0, =0.0.5, =2026.3.1, =0.1.0, =1.2.1b20250404, =1.2.1b20250404, =1.2.1b20250404, =0.1.2, =0.1.8 - azureml-metrics =0.0.25.post1 and more Source cves: CVE-2025-3262 Source advisory: OSV:GHSA-489J-G2VX-39WF...

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1739 more potentially affected by CVE-2025-3264 via transformers (>=2.10.0 <=4.50.3)

transformers PYPI version =2.10.0, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3264 Source advisory: OSV:GHSA-JJPH-296X-MRCR...

aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-5472 via llama-index-core (>=0.10.0 <=0.12.37)

llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-5472 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-10645586...

aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +42 more potentially affected by CVE-2025-5472 via llama-index (>=0.10.0 <=0.12.36)

llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =1.0.23.post1 and more Source cves: CVE-2025-5472 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645587...

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1813 more potentially affected by CVE-2025-3777 via transformers (>=2.10.0 <=4.51.3)

transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3777 Source advisory: SNYK:PYTHON-TRANSFORMERS-10658536...

RHEL 9 : python3.9 (RHSA-2025:10399)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10399 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

MAL-2025-191733 Malicious code in fonafx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9441463f029726ea263225e9b0092d82b049e2d7a4e059becd24f5e23c70a906 Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...

GHSA-J5CC-6RX8-FF96 vulnerabilities

Vulnerabilities for packages: python...

CVE-2025-6069 vulnerabilities

Vulnerabilities for packages: python...

CVE-2025-6069 vulnerabilities

Vulnerabilities for packages: python...

Security Bulletin: IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2022-40897, CVE-2024-6345"

Summary IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2022-40897, CVE-2024-6345". This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2022-40897 DESCRIPTION: Pypa Setuptools is vulnerable to a...

Security Bulletin: IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2024-3651, CVE-2023-32681, CVE-2024-35195, CVE-2024-37891"

Summary IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2024-3651, CVE-2023-32681, CVE-2024-35195, CVE-2024-37891". This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna...

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +411 more potentially affected by CVE-2025-2828 via langchain (>=0.0.100 <=0.1.11)

langchain PYPI version =0.0.100, =0.1.7, =0.2.1, =0.1.0, =0.1.0, =0.1.5, =0.0.2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.8 - airda =0.0.3 and more Source cves: CVE-2025-2828 Source advisory: SNYK:PYTHON-LANGCHAIN-10496413...

Ubuntu: Security Advisory (USN-7583-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

1337x (=1.2.5), aba-cli-scrapper (>=0.1.0 <=0.7.6) +1155 more potentially affected by CVE-2025-50182 via urllib3 (>=2.2.0 <=2.4.0)

urllib3 PYPI version =2.2.0, =0.1.0, =4.8.2, =0.0.4, =3.0.2, =0.1.0, =0.1.2, =0.1.1, =1.0.0, =0.0.6, =0.1.31, =0.0.5, =0.0.9 and more Source cves: CVE-2025-50182 Source advisory: SNYK:PYTHON-URLLIB3-10390193...

0xdegenmo-lighter-mcp (=0.1.1), 1337x (=1.2.5) +2021 more potentially affected by CVE-2025-50181 via urllib3 (>=2.0.0 <=2.4.0)

urllib3 PYPI version =2.0.0, =1.1.2, =0.1.2, =1.0.0, =0.1.0, =4.8.2, =0.0.4, =2.6.4, =0.1.0, =0.1.2, =0.0.1, =0.0.4 - adversarial-insight-ml =0.1.0 and more Source cves: CVE-2025-50181 Source advisory: SNYK:PYTHON-URLLIB3-10390194...

01os (=0.0.14), ai-sec (>=0.0.1 <=0.0.9) +240 more potentially affected by CVE-2025-48945 via pycares (>=4.0.0 <=4.8.0)

pycares PYPI version =4.0.0, =0.0.1, =0.7.1, =0.1.0, =0.1.3, =2.0.4, =0.1.0, =0.1.3, =22.5.13, =1.0.1, =0.0.1, =3.4.2, =4.4.0 and more Source cves: CVE-2025-48945 Source advisory: SNYK:PYTHON-PYCARES-10365309...

Important Photon OS Security Update - PHSA-2025-4.0-0815

Updates of 'python3-setuptools' packages of Photon OS have been released...

Important: python-setuptools

Issue Overview: setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the...

Important: python3.11-setuptools

Issue Overview: setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the...