EUVD-2025-29770

Malicious code in bioql PyPI...

GO-2025-3973 DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly

DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly...

GO-2025-3974 DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly

DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly...

CVE-2025-59350

CVE-2025-59350 - Dragonfly : A timing-attack vulnerability in the Proxy feature’s access control (string comparison) prior to 2.1.0 enables an attacker to guess passwords by measuring response times. The issue is fixed in 2.1.0. Affected: Dragonfly, proxy access control mechanism. Mitigation: upg...

CVE-2025-59345

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, The /api/v1/jobs and /preheats endpoints in Manager web UI are accessible without authentication. Any user with network access to the Manager can create, delete, and modify jobs, and create...

PT-2025-26585 · Dragonfly · Dragonfly

Name of the Vulnerable Software and Affected Versions: dragonfly versions 1.28.18 through 1.30.1 Description: The issue is related to an Integer Overflow or Wraparound vulnerability in the dragonflydb dragonfly, specifically in the src/redis/lua/struct modules, associated with program files lua...