8 matches found

RedhatCVE
added 2026/04/13 7:23 p.m. · 2 views

CVE-2026-40160

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, webcrawl's httpx fallback path passes user-supplied URLs directly to httpx.AsyncClient.get with follow_redirects=True and no host validation. An LLM agent tricked into crawling an internal URL can reach cloud metadata endpoints...

7.1 CVSS · 5.8 AI score · 0.0005 EPSS
Exploits 1 · References 1
RedhatCVE
added 2026/04/06 10:57 a.m. · 3 views

CVE-2026-34936

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough and apassthrough in praisonai accept a caller-controlled apibase parameter that is concatenated with endpoint and passed directly to httpx.Client.request when the litellm primary path raises AttributeError. No URL schem...

7.7 CVSS · 5.8 AI score · 0.00014 EPSS
Exploits 1 · References 1
OSV
added 2025/03/17 9:47 p.m. · 4 views

MAL-2025-3448 Malicious code in httpx-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d26dbf9fa1035b8b1e189f67123ee22f506cd21c08e17c282176a716af9da033 Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...

7 AI score
Exploits 0 · References 3
OSSF Malicious Packages
added 2025/03/17 9:47 p.m. · 4 views

Malicious code in httpx-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d26dbf9fa1035b8b1e189f67123ee22f506cd21c08e17c282176a716af9da033 Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...

7.1 AI score
Exploits 0 · References 3
Positive Technologies
added 2023/12/01 12:0 a.m. · 1 views

PT-2023-32993 · Unknown · Fastapi-Proxy-Lib

Name of the Vulnerable Software and Affected Versions: fastapi-proxy-lib version 0.0.1 Description: The issue arises from the shared use of httpx.AsyncClient across different user clients, leading to the persistent storage of cookies based on the set-cookie response header. This results in a cook...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 4
OSV
added 2022/04/29 12:0 a.m. · 24 views

GHSA-H8PJ-CXX2-JFG2 Improper Input Validation in httpx

Encode OSS httpx =1.0.0.beta0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copy_with...

9.3 CVSS · 9.1 AI score · 0.00691 EPSS
Exploits 1 · References 12
OSV
added 2022/04/28 2:15 p.m. · 1 views

UBUNTU-CVE-2021-41945

Encode OSS httpx 0.23.0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copy_with...

9.1 CVSS · 7.3 AI score · 0.00691 EPSS
Exploits 1 · References 6
CNNVD
added 2022/04/28 12:0 a.m. · 2 views

Encode OSS httpx Input Validation Error Vulnerability

Encode OSS httpx is a full-featured HTTP client from Encode OSS UK. It provides both synchronous and asynchronous APIs and supports HTTP/1.1 and HTTP/2. An input validation error vulnerability exists in Encode OSS httpx version 1.0.0 and prior versions, which stems from improper input validation ...

9.1 CVSS · 8.1 AI score · 0.00691 EPSS
Exploits 1 · References 4