141 matches found
CVE-2026-25904
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...
CVE-2026-25904
The CVE-2026-25904 entry concerns Pydantic-AI MCP Run Python tool configuring the Deno sandbox in a way that allows the underlying Python code to access the host’s localhost interface, enabling SSRF. Affected component: the Deno sandbox configuration used by mcp-run-python (Pydantic-AI MCP Run Py...
PT-2026-7089
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...
SSRF-to-RCE-Scanner
SSRF-to-RCE-Scanner: It is an advanced Python-based security tool...
Exploit for Path Traversal in Apache Http_Server
🛑 CVE-2021-41773 Checker CVE-2021-41773 Checker is a Python-b...
SQL-Injection-Scanner
SQL-Injection-Scanner A Python-based SQL Injection vulnerabili...
EUVD-2025-203478
Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by pty missing from the block list of unsafe module imports. This led to unsafe pickles based on pty.spawn being incorrectly flagged as LIKELYSAFE, and was fixed in version 0.1.6. This impact...
Exploit for CVE-2025-55182
CVE-2025-55182 Surface Scanner A lightweight, non-intrusive P...
CVE-2025-64703
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive information through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue...
CVE-2025-64511
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue...
CVE-2025-64511
MaxKB is vulnerable in versions prior to 2.3.1 due to SSRF in the tool module’s Python code, which can access internal network services (e.g., databases) even though the process runs in a sandbox. The issue is resolved in version 2.3.1. Connected sources corroborate the sandboxed Python-access pa...
PT-2025-46859
Name of the Vulnerable Software and Affected Versions: MaxKB versions prior to 2.3.1. Description: MaxKB, an open-source AI assistant for enterprise, allows a user to access internal network services, such as databases, through Python code within the tool module. This process operates within a sandb...
Talos-Apache-Log-Oversight-Scanner
Talos-Apache-Log-Oversight-Scanner Overview The Talos-Ap...
Exploit for HTTP Request Smuggling in Sap Content_Server
CVE-2022-22536 Batch Scanner This is a fast, socket-level bat...
OWASP-Lite-Scanner
OWASP-Lite-Scanner OWASP-Lite Scanner: A Flask-ba...
EUVD-2024-3479
Malicious code in bioql PyPI...
smb_exploitation_tool
python3.13 smbe...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect
ScreenConnect CVE-2024-1709 Exploit Tool A Python tool to che...
Vanquish
It is an offensive tool for enumeration. The tool is called Vanquish, and it is designed to perform multiple active information gathering phases on a target system. It is built in Python and leverages various open-source enumeration tools on Kali Linux. The tool can be installed using the command...