170 matches found

OSV
added 2026/06/12 12:26 p.m.

OESA-2026-2659 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

CVSS 5.3, AI score 5.5, EPSS 0.00359
Exploits 0, References 6
OPENSUSE Linux
added 2026/06/12 12:00 a.m.

Security update for python-Django (important)

openSUSE security update: security update for python-django. Announcement ID: openSUSE-SU-2026:20937-1. Rating: important. References: bsc#1267576 bsc#1267577 bsc#1267578 bsc#1267579 bsc#1267580. Cross-References: CVE-2026-35193 CVE-2026-48587...

CVSS 9.1, AI score 5.4, EPSS 0.00359
Exploits 0, References 5
OSV
added 2026/06/09 1:22 p.m.

SUSE-SU-2026:2318-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2026-6873: signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie (bsc#1267578). - CVE-2026-7666: potential unencrypted email transmission via STARTTLS in the SMTP backend (bsc#1267579). - CVE-2026-8404: potential...

CVSS 5.3, AI score 5.4, EPSS 0.00359
Exploits 0, References 11
PyPA
added 2026/06/03 2:16 p.m.

PYSEC-2026-201

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

CVSS 5.3, AI score 5.4, EPSS 0.00285
Exploits 0, References 3, Affected Software 1
PyPA
added 2026/06/03 2:16 p.m.

PYSEC-2026-198

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.utils.cache.has_vary_header in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose...

CVSS 5.3, AI score 5.4, EPSS 0.00354
Exploits 0, References 3, Affected Software 1
OPENSUSE Linux
added 2026/04/17 12:00 a.m.

python311-Django-5.2.13-1.1 on GA media (moderate)

python311-Django-5.2.13-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10567-1. Rating: moderate. Cross-References: CVE-2026-33033 CVE-2026-33034 CVE-2026-3902 CVE-2026-4277 CVE-2026-4292. CVSS scores: CVE-2026-33033 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L; CVE-2026-33033 SUSE: 6....

CVSS 6.9, AI score 5.8, EPSS 0.00769
Exploits 1
NVD
added 2026/03/26 7:17 p.m.

CVE-2026-33149

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1, EPSS 0.00304
Exploits 1, References 1
Tenable Nessus
added 2026/02/12 12:00 a.m.

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2026:0440-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0440-1 advisory. - CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403). - CVE-2026-1312: Fixed potenti...

CVSS 7.5, AI score 5.9, EPSS 0.03779
Exploits 2, References 19
OPENSUSE Linux
added 2026/01/04 12:00 a.m.

python312-Django6-6.0-1.1 on GA media (moderate)

python312-Django6-6.0-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10005-1. Rating: moderate. Cross-References: CVE-2015-3982 CVE-2015-5145 CVE-2015-5963 CVE-2016-7401 CVE-2017-12794 CVE-2017-7233 CVE-2017-7234 CVE-2018-16984 CVE-2018-6188 CVE-2018-7536 CVE-2018-7537 CVE-2019-11358...

CVSS 9.8, AI score 8.2, EPSS 0.87218
Exploits 44
OSV
added 2025/12/12 12:21 p.m.

OESA-2025-2849 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted...

CVSS 4.3, AI score 7.9, EPSS 0.0087
Exploits 0, References 2
OSV
added 2025/11/14 12:39 p.m.

OESA-2025-2679 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence,...

CVSS 9.1, AI score 7.8, EPSS 0.18752
Exploits 11, References 3
OSV
added 2025/11/07 12:00 a.m.

OPENSUSE-SU-2025:15712-1 python311-Django-5.2.8-1.1 on GA media

These are all security issues fixed in the python311-Django-5.2.8-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 9.1, AI score 7.1, EPSS 0.18752
Exploits 10, References 1
OSV
added 2025/10/11 1:20 p.m.

OESA-2025-2378 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to S...

CVSS 9.8, AI score 7.9, EPSS 0.00863
Exploits 0, References 3
Vulnrichment
added 2025/10/09 8:57 p.m.

CVE-2025-61783 Python Social Auth - Django has unsafe account association

Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. This could lead to account compromise when a third-party authentication service doe...

CVSS 6.3, AI score 6.5, EPSS 0.00521
Exploits 0, References 6
RedHat Linux
added 2025/10/07 2:28 p.m.

Important: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (python-django) security update

An update for python-django is now available for Red Hat OpenStack Services on OpenShift 18.0 Antelope. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.1, AI score 7.5, EPSS 0.15602
Exploits 4, References 2
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2015-0010

Malware in sbrugna...

CVSS 7.8, AI score 6.1, EPSS 0.02975
Exploits 0, References 13
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2021-0065

Malware in sbrugna...

CVSS 6.1, AI score 6.8, EPSS 0.03172
Exploits 0, References 19
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2018-0039

Malware in sbrugna...

CVSS 7.5, AI score 6.1, EPSS 0.04897
Exploits 0, References 13
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2016-0006

Malware in sbrugna...

CVSS 9.8, AI score 9.2, EPSS 0.05144
Exploits 0, References 20
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2011-0007

Malware in sbrugna...

CVSS 5, AI score 6.1, EPSS 0.03024
Exploits 0, References 17