CVE-2026-11466

CVE-2026-11466 affects the zilliztech deep-searcher up to version 0.0.2. The issue is in deepsearcher/agent/collection_router.py (function CollectionRouter.invoke ), where argument kwargs manipulation leads to improper access controls. This enables remote exploitation ; the exploit is publicly av...

EUVD-2026-13198

ormar Pydantic Validation Bypass via pkonly and excluded Kwargs Injection in Model Constructor...

BIT-AIRFLOW-2025-65995 Apache Airflow: Disclosure of secrets to UI via kwargs

When a DAG failed during parsing, Airflow’s error-reporting in the UI could include the full kwargs passed to the operators. If those kwargs contained sensitive values such as secrets, they might be exposed in the UI tracebacks to authenticated users who had permission to view that DAG. The issue...

GHSA-GFW7-2V73-69WG Apache Airflow error reporting may expose full kwargs

When a DAG failed during parsing, Airflow’s error-reporting in the UI could include the full kwargs passed to the operators. If those kwargs contained sensitive values such as secrets, they might be exposed in the UI tracebacks to authenticated users who had permission to view that DAG. The issue...

SQL Injection

Django is vulnerable to SQL injection. The vulnerability is due to improper handling of column aliases in FilteredRelation when using dictionary expansion kwargs, where crafted keys containing control characters can manipulate SQL generation in methods such as annotate, aggregate, extra, values,...

PT-2025-51039

Name of the Vulnerable Software and Affected Versions Airflow versions prior to 3.1.4 Airflow versions prior to 2.11.1 Description A flaw exists in Airflow where the user interface UI error reporting could expose sensitive information passed as keyword arguments kwargs to operators when a Directe...

PT-2025-51040

A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this...

SQL Injection

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to SQL Injection via the FilteredRelation column aliases. When a malicious dictionary expansion is passed in as the kwargs argument ...

django: Django SQL injection in FilteredRelation column aliases

An SQL injection flaw has been discovered in the Django web framework. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

PYSEC-2025-106

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

PT-2025-40290

Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.25 Django versions 5.1 through 5.1.13 Django versions 5.2 through 5.2.7 Description A SQL injection issue exists in Django’s QuerySet methods—specifically annotate, alias, aggregate, and extra—when using a craft...

CVE-2025-59681

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

django: Django SQL injection in FilteredRelation column aliases

An SQL injection flaw has been discovered in the Django web framework. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

Malicious code in kwargs (PyPI)

--- -= Per source details. Do not edit below this line.=-...

PYSEC-2022-190

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...

PYSEC-2022-190

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...

Incorrect Permission Assignment for Critical Resource in Plone

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

CVE-2021-33509

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

PYSEC-2021-81

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...