Lucene search
K
PypaMost viewed

3786 matches found

PyPA
PyPA
added 2025/06/12 6:15 p.m.15 views

PYSEC-2025-220

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality...

9.8CVSS5.8AI score0.00397EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2025/05/29 5:15 p.m.15 views

PYSEC-2025-53

vLLM is an inference and serving engine for large language models LLMs. Prior to version 0.9.0, when a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT Time to First Token. These timing differences...

2.6CVSS6.8AI score0.00249EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2025/03/20 10:15 a.m.15 views

PYSEC-2025-9

A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious cod...

9.8CVSS8.2AI score0.05342EPSS
Exploits5References3Affected Software1
PyPA
PyPA
added 2024/10/10 11:15 p.m.15 views

PYSEC-2024-219

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP Fast Reverse Proxy client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and rea...

9.1CVSS6.8AI score0.00172EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2024/08/12 5:15 p.m.15 views

PYSEC-2024-153

Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit apps on Windows were vulnerable to a path traversal vulnerability when the static file shari...

6.5CVSS6.9AI score0.00568EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2023/08/09 11:15 p.m.15 views

PYSEC-2023-321

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while...

5.7CVSS6.2AI score0.00812EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2020/12/18 7:15 p.m.15 views

PYSEC-2020-72

OpenSlides is a free, Web-based presentation and assembly system for managing and projecting agenda, motions, and elections of assemblies. OpenSlides version 3.2, due to unsufficient user input validation and escaping, it is vulnerable to persistant cross-site scripting XSS. In the web applicatio...

8.9CVSS6.3AI score0.01104EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2020/01/23 9:15 p.m.15 views

PYSEC-2020-89

Missing password strength checks on some forms in Plone 4.3 through 5.2.0 allow users to set weak passwords, leading to easier cracking...

7.5CVSS7AI score0.01253EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2020/01/23 9:15 p.m.15 views

PYSEC-2020-85

An open redirect on the login form and possibly other places in Plone 4.0 through 5.2.1 allows an attacker to craft a link to a Plone Site that, when followed, and possibly after login, will redirect to an attacker's site...

6.1CVSS6.9AI score0.00923EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/06/23 5:17 p.m.14 views

PYSEC-2026-243

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" or "Public Flows" in code contains a critical RCE vulnerability. Shareable Playground feature works by enabling the execution of workflows by unauthenticated users, by accessi...

9.6CVSS6.2AI score0.00688EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/06/03 2:16 p.m.14 views

PYSEC-2026-199

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15.django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one where...

4.3CVSS5.4AI score0.00245EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/05/28 4:16 p.m.14 views

PYSEC-0000-CVE-2026-48526

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier is decoding JSON Web Tokens, while supporting both asymmetric and HMAC algorithms, the library does not validate use of JSON Web Keys in HMAC algorithm, allowing attacker to use the issuer public key as the...

7.4CVSS5.8AI score0.00394EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/27 5:16 p.m.14 views

PYSEC-2026-180

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/26 6:16 p.m.14 views

PYSEC-0000-CVE-2026-44730

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.7, an organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. This is due to incorrect ACL o...

7.2CVSS5.8AI score0.00316EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/14 5:16 p.m.14 views

PYSEC-2026-40

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/13 9:16 p.m.14 views

PYSEC-2026-160

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending...

7.5CVSS5.8AI score0.00433EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/13 4:16 p.m.14 views

PYSEC-2026-164

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager allowedextensionsuris is not correctly enforced by JupyterLab. The Py...

8.8CVSS5.8AI score0.0053EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/05/11 6:16 p.m.14 views

PYSEC-2026-128

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .. after replacement partial removal, leaving .. which can be exploited when the path is later resolve...

6.5CVSS5.8AI score0.00342EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/11 4:17 p.m.14 views

PYSEC-2026-146

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

6.5CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/05 4:16 p.m.14 views

PYSEC-2026-55

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14.django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary header contained an asterisk ''. This can lead to private data being stored and served.Earlier, unsupported Django series such as 5.0.x, 4.1.x...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/04/24 9:16 p.m.14 views

PYSEC-2026-77

LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.splittextfromurl validated the initial URL using validatesafeurl but then performed the fetch with requests.get with redirects enabled the default. Because...

6.5CVSS5.8AI score0.0026EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/04/24 8:16 p.m.14 views

PYSEC-2026-109

pretalx is a conference planning tool. Prior to 2026.1.0, an unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malformed HTML or markdown link syntax in a user-controlled template placeholder such as the account displ...

6.1CVSS5.9AI score0.00154EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/04/15 7:16 p.m.14 views

PYSEC-2026-153

Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't perform proper access control. This issue has been fixed in version 5.17. If developers are unable to update immediately, they can disable this featur...

6.8CVSS5.7AI score0.00323EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/04/07 1:16 p.m.14 views

PYSEC-2026-94

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...

5.4CVSS5.8AI score0.00362EPSS
Exploits2References4Affected Software1
PyPA
PyPA
added 2026/03/27 1:16 a.m.14 views

PYSEC-2026-106

OpenHands is software for AI-driven development. Starting in version 1.5.0, a Command Injection vulnerability exists in the getgitdiff method at openhands/runtime/utils/githandler.py:134. The path parameter from the /api/conversations/conversationid/git/diff API endpoint is passed unsanitized to ...

9.9CVSS6.1AI score0.01892EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2026/03/26 5:16 p.m.14 views

PYSEC-2026-27

Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, th...

7.3CVSS5.8AI score0.00132EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/03/13 7:55 p.m.14 views

PYSEC-2026-120

PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit Critical Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting...

7.5CVSS6.8AI score0.00269EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/01/28 9:9 p.m.14 views

A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able toupload a malicious version 1.1.5.post1 of the dydx-v4-client package.This version contains a highly obfuscated multi-stage loaderthat ultimately executes malicious code on the host system.While the final payload is not visible because ...

5.8AI score
Exploits0References1Affected Software1
PyPA
PyPA
added 2025/09/25 4:15 p.m.14 views

PYSEC-2025-204

pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randnlike are used together...

7.5CVSS6AI score0.0039EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2025/05/14 11:16 a.m.14 views

PYSEC-2025-60

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB.This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.Users are recommended to upgrade to version...

7.5CVSS6.9AI score0.00709EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2025/04/17 6:15 p.m.14 views

PYSEC-2025-177

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IFA1=200, eval"import'os'.system substring...

9.8CVSS6.2AI score0.00776EPSS
Exploits2References5Affected Software1
PyPA
PyPA
added 2025/03/20 10:15 a.m.14 views

PYSEC-2025-96

An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to restart the server at will, leading to a complete loss of availability. The issue arises because the function responsible for restarting the server is not proper...

6.5CVSS6.6AI score0.006EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2025/03/20 10:15 a.m.14 views

PYSEC-2025-93

gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue CVE-2024-4941. This vulnerability allows unauthenticated users to access arbitrary files on the server by uploading a speciall...

7.5CVSS7AI score0.0083EPSS
Exploits2References1Affected Software1
PyPA
PyPA
added 2025/02/25 3:15 p.m.14 views

PYSEC-2025-120

jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability LTI. LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...

10CVSS5.8AI score0.00328EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2025/01/08 5:15 p.m.14 views

PYSEC-2025-121

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the getfile function...

6.5CVSS6.2AI score0.00221EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2023/09/29 9:14 p.m.14 views

PYSEC-2023-182

opencv-contrib-python-headless versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-contrib-python-headless v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2...

8.8CVSS8.1AI score0.99694EPSS
Exploits9References3Affected Software1
PyPA
PyPA
added 2021/08/09 9:15 p.m.14 views

PYSEC-2021-118

The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...

10CVSS7.2AI score0.02106EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2021/02/26 3:15 a.m.14 views

PYSEC-2021-76

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the...

6.1CVSS6.7AI score0.01905EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/06/01 9:16 a.m.13 views

PYSEC-0000-CVE-2026-45426

Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against Dag IDs by applying Python's str.lstrip to the requested path segment when verifying the JWT's sub...

3.1CVSS5.8AI score0.00344EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/01 9:16 a.m.13 views

PYSEC-2026-182

The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...

4.3CVSS5.8AI score0.00352EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/05/28 4:16 p.m.13 views

PYSEC-0000-CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

5.4CVSS5.8AI score0.00127EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/27 8:16 p.m.13 views

PYSEC-2026-188

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.12 and 1.7.1, an unauthenticated open redirect in Authlib's OpenIDImplicitGrant and OpenIDHybridGrant authorization endpoint lets a remote attacker cause the authorization server to issue an HTTP 302 to an...

6.1CVSS5.8AI score0.00203EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/27 5:16 p.m.13 views

PYSEC-0000-CVE-2026-44353

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/26 9:16 p.m.13 views

PYSEC-2026-168

Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and realier, in src/mistune/directives/image.py, the renderfigure function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when...

6.1CVSS5.8AI score0.00198EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/12 6:17 p.m.13 views

PYSEC-2026-30

changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...

7.5CVSS5.8AI score0.00354EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2026/05/11 6:16 p.m.13 views

PYSEC-2026-129

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the setpackagedata API function call inside the data object with key "folder", there is no sanitization at all, allowing a user with Perms.MODIFY to specify arbitrary...

8.1CVSS5.9AI score0.00395EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/05/09 6:16 a.m.13 views

PYSEC-2026-165

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

5.5CVSS7.1AI score0.00114EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/05/05 7:16 p.m.13 views

PYSEC-2026-119

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admi...

9.8CVSS5.7AI score0.0048EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/04/30 10:16 a.m.13 views

PYSEC-2026-24

Apache Airflow's SMTP provider SmtpHook called Python's smtplib.SMTP.starttls without an SSL context, so no certificate validation was performed on the TLS upgrade. A man-in-the-middle between the Airflow worker and the SMTP server could present a self-signed certificate, complete the STARTTLS...

5.9CVSS5.8AI score0.00268EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/04/28 7:36 p.m.13 views

PYSEC-2026-100

NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information...

9.8CVSS5.8AI score0.00573EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities3786