CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PyVista provides 3D plotting and mesh analysis through an interface for the Visualization Toolkit VTK. Version 0.46.3 of the PyVista Project is vulnerable to remote code execution via dependency confusion. Two pieces of code use--extra-index-url. But when --extra-index-url is used, pip always...

9.3CVSS6.4AI score0.00592EPSS

Exploits0References6

CVE•added 2025/10/06 10:14 p.m.•34 views

CVE-2025-61774

CVE-2025-61774 affects PyVista 0.46.3 and enables remote code execution through dependency confusion using pip --extra-index-url. The description notes that two code paths use --extra-index-url, and pip may fetch a higher-version package from a non-PyPI index if one package listed is not publishe...

9.3CVSS7.7AI score0.00592EPSS

Exploits0References4

OSSF Malicious Packages•added 2025/10/06 10:53 a.m.•5 views

Malicious code in gnosis-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 42112b8b2e7c96d9c3a5a188bebf3539cba140ccfdcc721ea9952259b8893721 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score

Exploits0References1

Positive Technologies•added 2025/10/06 12:0 a.m.•4 views

PT-2025-40952

Name of the Vulnerable Software and Affected Versions PyVista version 0.46.3 Description PyVista, a software for 3D plotting and mesh analysis using the Visualization Toolkit VTK, is susceptible to remote code execution through a dependency confusion issue. The software’s use of the...

9.3CVSS7.6AI score0.00592EPSS

Exploits0References10

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-28657

Malicious code in bioql PyPI...

6.6AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-54253

Malicious code in bioql PyPI...

6.6AI score

Exploits0