Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/02/15 12:2 a.m.1 views

MAL-2026-903 Malicious code in requests-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccf88804317b4caf9661eb94c320a521f7689c5cf26a8754ec219d268fc9c873 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

5.6AI score
Exploits0References2
Snyk
Snykadded 2025/06/23 9:41 p.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the RequestsToolkit module. An attacker can access internal network resources, perform port scans, retrieve sensitive metadata from cloud environments, and interact with local services by crafting...

10CVSS6.7AI score0.00171EPSS
Exploits1References2
Snyk
Snykadded 2025/06/23 9:41 p.m.3 views

Server-side Request Forgery (SSRF)

Overview langchain is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the RequestsToolkit module. An attacker can access internal network resources, perform port scans, retrieve sensitive metadata fro...

10CVSS6.7AI score0.00171EPSS
Exploits1References2
OSV
OSVadded 2025/06/23 9:31 p.m.1 views

GHSA-H5GC-RM8J-5GPR LangChain Community SSRF vulnerability exists in RequestsToolkit component

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

8.4CVSS5.8AI score0.00171EPSS
Exploits1References5
PyPA
PyPAadded 2025/06/23 9:15 p.m.8 views

PYSEC-2025-70

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

10CVSS6.8AI score0.00171EPSS
Exploits1References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/02/11 11:57 a.m.4 views

Malicious code in rquests-toolbelt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c51be2a24f650a0b1d3d6d85b08b9106249116f61e0f6c611c94d20f36e1797d Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.7AI score
Exploits0References1
Rows per page
Query Builder