01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +98 more potentially affected by CVE-2025-64712 via unstructured (>=0.10.10 <=0.18.15)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.6, =0.2.2, =0.1.0, =0.1.16 - biorxivist =0.2.1 and more Source cves: CVE-2025-64712 Source advisory: SNYK:PYTHON-UNSTRUCTURED-14157218...

EUVD-2025-200121

Malicious code in spellcheckers PyPI...

ado-vllm-performance (=1.2.2), agentclinic (=0.1.0) +23 more potentially affected by CVE-2025-66448 via vllm (>=0.10.0 <=0.11.0)

vllm PYPI version =0.10.0, =0.0.0, =2.3.5, =0.2.0, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.0, =0.1.5, =1.0.0, =1.2.6 - haerae-evaluation-toolkit =0.1.0 - hedge-bench =0.1.2 and more Source cves: CVE-2025-66448 Source advisory: SNYK:PYTHON-VLLM-14157153...

GHSA-VC2M-M665-8XM2 vulnerabilities

Vulnerabilities for packages: python...

GHSA-VC2M-M665-8XM2 vulnerabilities

Vulnerabilities for packages: python...

MGASA-2025-0289 Updated python-py packages fix security vulnerability

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. CVE-2022-42969...

achoz (>=0.3.0 <=0.3.42), aclpubcheck (>=0.1.0 <=0.2.0) +310 more potentially affected by CVE-2025-70559 via pdfminer-six (>=20140915.0.0 <=20251107.0.0)

pdfminer-six PYPI version =20140915.0.0, =0.3.0, =0.1.0, =0.8.1, =0.2.0, =1.1.74b0, =0.1.11, =0.1.0, =1.0.0, =1.0.0, =1.0.29, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.44 and more Source cves: CVE-2025-70559 Source advisory: OSV:GHSA-F83H-GHPP-7WCC...

a-mailx (=0.1.0), a2a-client-handler (=0.1.0) +261 more potentially affected by CVE-2025-64439 via langgraph-checkpoint (>=1.0.12 <=2.1.2)

langgraph-checkpoint PYPI version =1.0.12, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.2.0a1, =0.2.5a2, =0.0.3rc0, =0.1.0, =0.1.37 - agentic-kit-eda =0.0.2 and more Source cves: CVE-2025-64439 Source advisory: OSV:GHSA-WWQV-P2PP-99H5...

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1414 more potentially affected by CVE-2025-64458 via django (>=5.2.0 <=5.2.7)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.0.13, =1.2.7 and more Source cves: CVE-2025-64458 Source advisory: SNYK:PYTHON-DJANGO-13837025...

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1414 more potentially affected by CVE-2025-64459 via django (>=5.2.0 <=5.2.7)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.0.13, =1.2.7 and more Source cves: CVE-2025-64459 Source advisory: OSV:GHSA-FRMV-PR5F-9MCR...

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1414 more potentially affected by CVE-2025-64458 via django (>=5.2.0 <=5.2.7)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.0.13, =1.2.7 and more Source cves: CVE-2025-64458 Source advisory: OSV:PYSEC-2025-107...

01os (>=0.0.1 <=0.0.14), advanced-research (>=0.1.0 <=0.2.2) +419 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.77.5)

litellm PYPI version =1.0.0, =0.0.1, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.14.1a0, =0.1.0, =0.0.5, =0.3.1, =1.1.2, =1.4.3, =0.0.1, =0.1.0, =0.7.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-13803705...

abinitostudio (>=1.0.1 <=1.0.8), aicsshparam (>=0.0.6 <=0.0.12) +145 more potentially affected by CVE-2025-57107 via vtk (>=8.1.2 <=9.5.0)

vtk PYPI version =8.1.2, =1.0.1, =0.0.6, =0.1.8, =0.4.0, =0.13.1, =0.71.0, =0.2.0, =0.4.2, =2024.7.4, =0.0.4rc3, =0.2.5, =0.6.1, =1.0.0.0, =2.1.16 and more Source cves: CVE-2025-57107 Source advisory: OSV:PYSEC-2025-225...

builder-addon-pca (>=0.0.1 <=0.0.3), configparser-crypt (>=0.6.2 <=1.1.0) +5 more potentially affected by CVE-2025-63675 via cryptidy (=1.2.4)

cryptidy PYPI version =1.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on cryptidy and may be impacted: - builder-addon-pca =0.0.1, =0.6.2, =1.4.0, =0.2.0, =2.2.0rc6, =0.9.0, =0.0.4, =1.0.6 Source cves: CVE-2025-63675 Source advisory:...

alertwise (=1.0.0), amusing-app (>=0.1.0 <=0.4.3) +209 more potentially affected by CVE-2025-6176 via brotli (>=1.0.7 <=1.1.0)

brotli PYPI version =1.0.7, =0.1.0, =22.5.13, =2.4.11, =0.72.2, =1.1.3, =8.3.1, =16.0.1b2, =9.1.2, =0.0.1, =0.0.6 and more Source cves: CVE-2025-6176 Source advisory: SNYK:PYTHON-BROTLI-13821834...

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +14 more potentially affected by CVE-2025-12058 via keras (>=3.0.0 <=3.11.3)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.10.0 and more Source cves: CVE-2025-12058 Source advisory: SNYK:PYTHON-KERAS-13743411...

aa-rag (>=0.4.2 <=0.4.3), ab-auth-client-service (>=0.1.3 <=0.3.5) +1554 more potentially affected by CVE-2025-62727 via starlette (>=0.39.2 <=0.49.0)

starlette PYPI version =0.39.2, =0.4.2, =0.1.3, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1, =0.1.0, =0.1.1, =0.1.1, =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.3 and more Source cves: CVE-2025-62727 Source advisory: OSV:GHSA-7F5H-V6XP-FCQ8...

Important Photon OS Security Update - PHSA-2025-5.0-0657

Updates of 'python3' packages of Photon OS have been released...

01os (>=0.0.5 <=0.0.13), 3m (>=0.1.0 <=0.1.3) +2312 more potentially affected by CVE-2025-62708 via pypdf (>=3.10.0 <=6.1.1)

pypdf PYPI version =3.10.0, =0.0.5, =0.1.0, =0.4.1, =0.2.5, =0.0.2, =0.2.0, =1.2.27, =0.1.0, =1.2.32, =0.1.1, =1.0.0, =2.0.0 and more Source cves: CVE-2025-62708 Source advisory: OSV:GHSA-JFX9-29X2-RV3J...

01os (>=0.0.5 <=0.0.13), 3m (>=0.1.0 <=0.1.3) +1799 more potentially affected by CVE-2025-62708 via pypdf (>=6.0.0 <=6.1.1)

pypdf PYPI version =6.0.0, =0.0.5, =0.1.0, =0.4.1, =0.2.5, =0.0.2, =0.2.0, =1.2.27, =0.1.0, =1.2.32, =0.2.5, =1.0.0, =0.1.1, =0.4.6 - adstoolbox =2025.12.2.2 and more Source cves: CVE-2025-62708 Source advisory: SNYK:PYTHON-PYPDF-13658706...