Lucene search
K

285926 matches found

PyPA
PyPA
added 6 hours ago3 views

Arbitrary Code Execution in pdfminer.six via Crafted PDF Input

Summarypdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in pdfminer.six uses pickle.loads to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six distribution stored in the...

8.6CVSS6.6AI score0.00281EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 6 hours ago2 views

Fugue is Vulnerable to Remote Code Execution by Pickle Deserialization via FlaskRPCServer

SummaryThe Fugue framework implements an RPC server system for distributed computing operations. In the corefunctionality of the RPC server implementation, Ifound thatthedecodefunction infugue/rpc/flask.pydirectly usescloudpickle.loadsto deserialize datawithout any sanitization. This creates a...

8.8CVSS6.8AI score0.0067EPSS
Exploits1References7Affected Software1
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1729 Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

Summary Open WebUI v0.6.33 and below contains a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers via Server-Sent Event SSE execute events. This leads to authentication token theft, comple...

7.3CVSS7AI score0.07874EPSS
Exploits1References6
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1135 Apache Airflow has a command injection vulnerability in "example_dag_decorator"

An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...

7.7CVSS6.2AI score0.00448EPSS
Exploits0References6
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1680 motionEye vulnerable to RCE via unsanitized motion config parameter

Summary A command injection vulnerability in MotionEye allows attackers to achieve Remote Code Execution RCE by supplying malicious values in configuration fields exposed via the Web UI. Because MotionEye writes user-supplied values directly into Motion configuration files without sanitization,...

7.2CVSS6.3AI score0.18993EPSS
Exploits16References6
PyPA
PyPA
added 6 hours ago3 views

Apache Airflow has a command injection vulnerability in "example_dag_decorator"

An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...

7.7CVSS6.2AI score0.00448EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 6 hours ago2 views

LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer

SummaryPrior to langgraph-checkpoint version 3.0 , LangGraph’s JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a remote code execution RCE vulnerability when deserializing payloads saved in the "json" serialization mode.If an attacker can cause your...

7.4CVSS6.9AI score0.00871EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 6 hours ago2 views

Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

SummaryOpen WebUI v0.6.33 and below contains a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers via Server-Sent Event SSE execute events. This leads to authentication token theft, complet...

8CVSS7AI score0.07874EPSS
Exploits1References6Affected Software1
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1527 LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer

Summary Prior to langgraph-checkpoint version 3.0 , LangGraph’s JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a remote code execution RCE vulnerability when deserializing payloads saved in the "json" serialization mode. If an attacker can cause your...

7.4CVSS7.9AI score0.00871EPSS
Exploits0References8
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1714 OctoPrint vulnerable to XSS in Action Commands Notification and Prompt

Impact OctoPrint versions up to and including 1.11.3 are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notification and prompt popups generated by the printer. An attacker who successfully convinces a victim to print a specially crafted fil...

4.6CVSS5.9AI score0.0015EPSS
Exploits0References6
PyPA
PyPA
added 6 hours ago2 views

motionEye vulnerable to RCE via unsanitized motion config parameter

SummaryA command injection vulnerability in MotionEye allows attackers to achieve Remote Code Execution RCE by supplying malicious values in configuration fields exposed via the Web UI. Because MotionEye writes user-supplied values directly into Motion configuration files without sanitization,...

7.2CVSS6.3AI score0.18993EPSS
Exploits16References6Affected Software1
PyPA
PyPA
added 6 hours ago2 views

Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE

SummaryThe functionality that inserts custom prompts into the chat window is vulnerable to DOM XSS when 'Insert Prompt as Rich Text' is enabled, since the prompt body is assigned to the DOM sink .innerHtml without sanitisation. Any user with permissions to create prompts can abuse this to plant a...

8.7CVSS6.8AI score0.00463EPSS
Exploits2References7Affected Software1
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1741 Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE

Summary The functionality that inserts custom prompts into the chat window is vulnerable to DOM XSS when 'Insert Prompt as Rich Text' is enabled, since the prompt body is assigned to the DOM sink .innerHtml without sanitisation. Any user with permissions to create prompts can abuse this to plant ...

8.7CVSS7.9AI score0.00463EPSS
Exploits2References7
PyPA
PyPA
added 6 hours ago2 views

OctoPrint vulnerable to XSS in Action Commands Notification and Prompt

ImpactOctoPrint versions up to and including 1.11.3 are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notification and prompt popups generated by the printer.An attacker who successfully convinces a victim to print a specially crafted file...

4.6CVSS5.9AI score0.0015EPSS
Exploits0References6Affected Software1
OSV
OSV
added 6 hours ago3 views

PYSEC-2026-1365 FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name

Summary A command-injection vulnerability lets any attacker who can influence the servername field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor Details 1. generatecursordeeplinkservername, … embeds servername verbatim in a cursor://…?name= query string...

5.4CVSS6.2AI score0.00206EPSS
Exploits1References5
PyPA
PyPA
added 6 hours ago2 views

FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name

SummaryA command-injection vulnerability lets any attacker who can influence the servername field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor Details1. generatecursordeeplinkservername, … embeds servername verbatim in a cursor://…?name= query string.2...

7.8CVSS6.2AI score0.00206EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 6 hours ago2 views

Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

SummaryAuthlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving...

7.5CVSS6.1AI score0.00596EPSS
Exploits1References7Affected Software1
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-1203 Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

Summary Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving...

7.5CVSS7.2AI score0.00596EPSS
Exploits1References7
OSV
OSV
added 6 hours ago2 views

PYSEC-2026-2071 ZenML is vulnerable to Path Traversal through its `PathMaterializer` class

ZenML version 0.83.1 is affected by a path traversal vulnerability in the PathMaterializer class. The load function uses ispathwithindirectory to validate files during data.tar.gz extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file...

6.3CVSS6.9AI score0.00334EPSS
Exploits1References6
PyPA
PyPA
added 6 hours ago2 views

ZenML is vulnerable to Path Traversal through its `PathMaterializer` class

ZenML version 0.83.1 is affected by a path traversal vulnerability in the PathMaterializer class. The load function uses ispathwithindirectory to validate files during data.tar.gz extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file...

7.8CVSS6.2AI score0.00334EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder