arlbench (=0.1.3), backend-ai-appproxy-coordinator (>=25.13.0 <=26.4.4rc6) +3 more potentially affected by CVE-2026-32722 via memray (>=1.12.0 <=1.17.2)

memray PYPI version =1.12.0, =25.13.0, =25.13.0, =26.2.0, =26.4.4rc6 - feluda-image-vec-rep-resnet =0.1.0 Source cves: CVE-2026-32722 Source advisory: SNYK:PYTHON-MEMRAY-15763582...

EUVD-2025-17555

Malicious code in bioql PyPI...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to missing authentication in the registration feature. An attacker with a registered user account can create user accounts that can access private data even when registration is disabled...

backend-ai (=1.4.0), backend-ai-accelerator-cuda-open (>=24.9.5 <=26.4.4rc6) +38 more potentially affected by CVE-2025-27607 via python-json-logger (=3.2.1)

python-json-logger PYPI version =3.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on python-json-logger and may be impacted: - backend-ai =1.4.0 - backend-ai-accelerator-cuda-open =24.9.5, =24.9.5, =24.9.5, =24.9.5, =25.13.0, =25.13.0, =25.13.0,...

ahserver (>=1.0.1 <=1.2.0), aiohttp-admin (>=0.1.0a0 <=0.1.0a3) +62 more potentially affected by CVE-2018-1000814 via aiohttp-session (>=0.8.0 <=2.1.0)

aiohttp-session PYPI version =0.8.0, =1.0.1, =0.1.0a0, =1.0.0, =0.0.1, =1.4.0, =0.3.0, =0.4.3, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =22.3.0, =0.0.1, =0.0.2 and more Source cves: CVE-2018-1000814 Source advisory: OSV:PYSEC-2018-35...