Lucene search
K
PypaMost viewed

5620 matches found

PyPA
PyPA
added 2026/06/25 2:59 p.m.5 views

Malicious code in gpsea (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of gpsea were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/25 2:36 p.m.5 views

Malicious code in embiggen (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of embiggen were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.8AI score
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/24 6:17 p.m.5 views

PYSEC-2026-240

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity XXE attacks. An attacker could...

7.5CVSS5.9AI score0.00334EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/06/24 1:16 p.m.5 views

PYSEC-2026-229

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...

6.9CVSS5.8AI score0.00417EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/24 1:16 p.m.5 views

PYSEC-0000-CVE-2026-56262

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication,...

6.9CVSS5.8AI score0.00417EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/23 6:18 p.m.5 views

PYSEC-2026-241

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False....

7.6CVSS5.8AI score0.00193EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/06/23 5:17 p.m.5 views

PYSEC-2026-222

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability is fixed in 1.7.0...

6.1CVSS5.8AI score0.00152EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2026/06/23 5:17 p.m.5 views

PYSEC-0000-CVE-2026-55450

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the...

9.3CVSS5.9AI score0.00332EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/06/23 5:17 p.m.5 views

PYSEC-0000-CVE-2026-55446

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.0.19, an attacker can send a /api/v1/files/upload/ request without any authentication token/cookies and abuse a very long multipart form boundary to make the langflow app unusable for all users for an...

7.5CVSS5.9AI score0.00321EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/06/23 5:16 p.m.5 views

PYSEC-2026-242

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations on user-owned resources — messages, sessions, build artifacts, and LLM transaction logs — without...

8.8CVSS5.8AI score0.00291EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2026/06/23 1:16 p.m.5 views

PYSEC-0000-CVE-2026-56263

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing t...

6.1CVSS5.6AI score0.00195EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/21 2:16 p.m.5 views

PYSEC-2026-239

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

9.8CVSS5.8AI score0.00407EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/06/21 2:16 p.m.5 views

PYSEC-2026-245

picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils.configmodule.loadconfig function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply...

8.1CVSS6.5AI score0.00397EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/06/20 7:16 p.m.5 views

PYSEC-2026-250

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

8.8CVSS7AI score0.00831EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/06/20 4:17 p.m.5 views

PYSEC-0000-CVE-2026-56304

picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to create arbitrary zero-byte files via logging.FileHandler class instantiation. Attackers can exploit this by crafting malicious pickle payloads to bypass RCE blocklists and create...

6.9CVSS6AI score0.00288EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/06/09 4:43 p.m.5 views

PYSEC-2026-219

Versions of the package dash-core-components before 2.13.0; all versions of the package dash-core-components; versions of the package dash before 2.15.0; all versions of the package dash-html-components; versions of the package dash-html-components before 2.0.16 are vulnerable to Cross-site...

6.5CVSS6.4AI score0.01475EPSS
Exploits1References17Affected Software1
PyPA
PyPA
added 2024/10/24 9:15 p.m.5 views

PYSEC-2024-120

An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library...

8.4CVSS7.7AI score0.00255EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2024/10/11 4:15 p.m.5 views

PYSEC-2024-122

A path traversal vulnerability exists in the api openpersonalityfolder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personalityfolder on the victim's computer, even though sanitizepath is set. The issue arises due to improper sanitization of t...

4.4CVSS6.9AI score0.00353EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2024/10/08 6:15 p.m.5 views

PYSEC-2024-109

DeepSpeed Remote Code Execution Vulnerability...

8.4CVSS7.5AI score0.00671EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2024/09/17 7:15 p.m.5 views

PYSEC-2024-96

A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...

7.5CVSS7.4AI score0.01006EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 2024/08/07 3:15 p.m.5 views

PYSEC-2024-68

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

7.5CVSS7AI score0.01258EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2024/07/17 8:15 a.m.5 views

PYSEC-2024-189

Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. Users are recommended to upgrade to version 2.9.3, which fixes this issue...

8.1CVSS6.8AI score0.00996EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2024/06/09 7:15 p.m.5 views

PYSEC-2024-52

lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. This is similar to CVE-2022-29217 and CVE-2024-33663...

7.5CVSS6.9AI score0.00382EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2024/05/16 9:15 a.m.5 views

PYSEC-2024-51

A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT permissions, allowing...

5.4CVSS6.7AI score0.00329EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2024/04/19 9:15 p.m.5 views

PYSEC-2024-250

Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...

5.5CVSS7.1AI score0.00383EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2024/04/17 7:15 p.m.5 views

PYSEC-2024-252

PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/varargfunctions.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

4CVSS7.6AI score0.00223EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2024/04/16 12:15 a.m.5 views

PYSEC-2024-243

mlflow/mlflow is vulnerable to Local File Inclusion LFI due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'islocaluri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the...

9.3CVSS6.9AI score0.00733EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2024/03/22 11:15 p.m.5 views

PYSEC-2024-257

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5CVSS6.5AI score0.00712EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2024/03/14 7:15 p.m.5 views

PYSEC-2024-315

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

9.8CVSS6.1AI score0.00773EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2024/02/26 4:27 p.m.5 views

PYSEC-2024-235

With the following crawler configuration:pythonfrom bs4 import BeautifulSoup as Soupurl = "https://example.com"loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".textdocs = loader.loadAn attacker in control of the contents of https://example.com could place ...

8.1CVSS6.7AI score0.00517EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2024/02/24 5:15 a.m.5 views

PYSEC-2024-39

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

7.5CVSS7AI score0.01025EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2024/02/22 10:15 p.m.5 views

PYSEC-2024-249

SummaryOn all Label Studio versions prior to 1.11.0, data imported via file upload feature is not properly sanitized prior to being rendered within a Choices or Labels tag, resulting in an XSS vulnerability. DetailsNeed permission to use the "data import" function. This was reproduced on Label...

6.1CVSS6.5AI score0.02199EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2024/02/21 5:15 p.m.5 views

PYSEC-2024-225

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if pkcs12.serializekeyandcertificates is called with both a certificate whose public key did not match the provided private key and an...

7.5CVSS8.1AI score0.00831EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2024/02/19 11:15 p.m.5 views

PYSEC-2024-155

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR RFC 8949 serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a...

7.5CVSS6.9AI score0.01167EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2024/01/24 1:15 p.m.5 views

PYSEC-2024-13

Apache Airflow, versions before 2.8.1, have a vulnerability that allows a potential attacker to poison the XCom data by bypassing the protection of "enablexcompickling=False" configuration setting resulting in poisoned data after XCom deserialization. This vulnerability is considered low since it...

7.5CVSS6.8AI score0.0121EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2024/01/23 6:15 p.m.5 views

PYSEC-2024-20

Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the element method in app/routes.py does not validate the user-controlled srctype and elementurl variables and passes them to the send method which sends a GET request on lines 339-343 in request.py, which leads to a...

9.8CVSS6.7AI score0.01003EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 2024/01/12 3:15 a.m.5 views

PYSEC-2024-10

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

9.8CVSS6.8AI score0.00464EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2024/01/03 9:15 a.m.5 views

PYSEC-2024-135

Nullptr in paddle.putalongaxisin PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service...

7.5CVSS6.8AI score0.00484EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2023/12/15 1:15 a.m.5 views

PYSEC-2023-253

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2...

8.1CVSS6.8AI score0.0329EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2023/12/13 12:15 a.m.5 views

PYSEC-2023-309

Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2...

9.6CVSS6.8AI score0.01072EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2023/12/09 1:15 a.m.5 views

PYSEC-2023-292

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...

8.8CVSS6.8AI score0.00324EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2023/11/30 7:15 a.m.5 views

PYSEC-2023-250

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request e.g. to insert a new header or create a new HTTP request if the attacker controls the HTTP version. The vulnerability only occurs if the...

7.2CVSS6.8AI score0.00874EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2023/11/29 7:15 p.m.5 views

PYSEC-2023-254

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service...

7.5CVSS6.3AI score0.00985EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2023/11/24 8:15 a.m.5 views

PYSEC-2023-268

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler.The information exposed to unauthorized actors may include sensitive data such as database credentials.Users who can't upgrade to the fixed version can also set environment variable...

7.5CVSS6.7AI score0.01201EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2023/11/09 4:15 p.m.5 views

PYSEC-2023-234

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm...

7.5CVSS6.6AI score0.00476EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2023/11/02 6:15 a.m.5 views

PYSEC-2023-223

Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code...

9.8CVSS7.6AI score0.00796EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2023/10/25 9:15 p.m.5 views

PYSEC-2023-224

Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, th...

5.3CVSS6.9AI score0.00766EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2023/10/20 12:15 a.m.5 views

PYSEC-2023-214

Home assistant is an open source home automation. The audit team’s analyses confirmed that the redirecturi and clientid are alterable when logging in. Consequently, the code parameter utilized to fetch the accesstoken post-authentication will be sent to the URL specified in the aforementioned...

5.4CVSS7AI score0.00395EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2023/10/19 10:15 p.m.5 views

PYSEC-2023-213

Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...

7.5CVSS6.6AI score0.0022EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2023/10/19 5:15 a.m.5 views

PYSEC-2023-205

LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...

8.8CVSS7AI score0.44711EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities5000