Lucene search
K
PypaMost viewed

4301 matches found

PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

MLflow Server-Side Request Forgery (SSRF)

A malicious user could use this issue to access internal HTTPs servers and in the worst case ie: aws instance it could be abused to get a remote code execution on the victim machine...

9.8CVSS7.8AI score0.01507EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Excessive Attack Surface in pyload-ng

Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41...

9.8CVSS6.3AI score0.0072EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Heap-based buffer overflow in ZBar

A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...

9.8CVSS7.6AI score0.01542EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Glances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist`

SummaryIn Central Browser mode, the /api/4/serverslist endpoint returns raw server objects from GlancesServersList.getserverslist. Those objects are mutated in-place during background polling and can contain a uri field with embedded HTTP Basic credentials for downstream Glances servers, using th...

9.1CVSS6.6AI score0.00472EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Command Injection in Apache Airflow and Apache Airflow MySQL Provider

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0...

9.8CVSS7.2AI score0.11082EPSS
Exploits2References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

PickleScan's pkgutil.resolve_name has a universal blocklist bypass

Summarypkgutil.resolvename is a Python stdlib function that resolves any "module:attribute" string to the corresponding Python object at runtime. By using pkgutil.resolvename as the first REDUCE call in a pickle, an attacker can obtain a reference to ANY blocked function e.g., os.system,...

10CVSS6AI score0.00623EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

PandasAI vulnerable to arbitrary code execution

An issue in pandas-ai v.0.8.1 and before allows a remote attacker to execute arbitrary code via the isjailbreak function...

9.8CVSS7.6AI score0.0117EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Code Injection in pyload-ng

Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31...

9.8CVSS7.2AI score0.96988EPSS
Exploits13References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

MLFlow Path Traversal Vulnerability

A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...

9.8CVSS7.3AI score0.02013EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependency

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.pyminizip uses version 1.2.11 of zlib's code...

9.8CVSS7AI score0.02918EPSS
Exploits0References17Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

TorchServe Server-Side Request Forgery vulnerability

ImpactRemote Server-Side Request Forgery SSRF Issue: TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and...

10CVSS7.3AI score0.35256EPSS
Exploits6References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Apache Airflow Hive Provider Beeline remote code execution with Principal

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Apache Hive Provider: before 6.1.1.Before version 6.1.1 it waspossible to bypass the security check to RCE viaprincipal parameter. For this to beexploited it requir...

9.8CVSS7.1AI score0.02791EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Remote Code Execution due to Full Controled File Write in mlflow

The mlflow web server includes tools for tracking experiments, packaging code into reproducible runs, and sharing and deploying models. As this vulnerability allows to write / overwrite any file on the file system, it gives a lot of ways to archive code execution like overwriting /home//.bashrc. ...

10CVSS7.6AI score0.47874EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

postgraas-server vulnerable to SQL injection

A vulnerability, which was classified as critical, was found in Blue Yonder postgraasserver up to 2.0.0b2. Affected is the function createpgconnection/createpostgresdb of the file postgraasserver/backends/postgrescluster/postgresclusterdriver.py of the component PostgreSQL Backend Handler. The...

9.8CVSS6AI score0.00598EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

MLflow authentication requirement bypass can allow a user to arbitrarily create an account

An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirement...

9.8CVSS7.2AI score0.01157EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

ReportLab vulnerable to remote code execution via paraparser

paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '...

9.8CVSS7.8AI score0.04452EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Langchain SQL Injection vulnerability

In Langchain before 0.0.247, prompt injection allows execution of arbitrary code against the SQL service provided by the chain...

9.8CVSS6.4AI score
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

MLflow allowed arbitrary files to be PUT onto the server

MLflow allowed arbitrary files to be PUT onto the server...

10CVSS7.1AI score0.04408EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ray has arbitrary code execution via jobs submission API

Anyscale Ray allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment...

9.8CVSS7.4AI score0.81512EPSS
Exploits6References17Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ray Path Traversal vulnerability

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers response can be found here:...

9.8CVSS6.9AI score0.81512EPSS
Exploits22References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ray Missing Authorization vulnerability

LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers response can be found here:...

9.8CVSS6.9AI score0.81512EPSS
Exploits22References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ray OS Command Injection vulnerability

A command injection exists in Ray's cpuprofile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication...

9.8CVSS7.1AI score0.81512EPSS
Exploits22References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Apache Airflow Sqoop Provider Improper Input Validation vulnerability

Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1...

9.8CVSS7.2AI score0.01895EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Remote code execution in pytorch lightning

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS7.9AI score0.26488EPSS
Exploits3References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

ImpactAttackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE.When axis is larger than the dim of input, c-Diminput,axis goes out of bound.Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Grad...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Use of hard-coded, security-relevant constants in deepset-ai/haystack

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack in version 1.15.0 and prior. A patch is available at commit 5fc84904f198de661d5b933fde756aa922bf09f1...

9.8CVSS7.2AI score0.00843EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

vanna vulnerable to remote code execution caused by prompt injection

In the latest version of vanna-ai/vanna, the vanna.ask function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the exec function in...

9.8CVSS7.8AI score0.00875EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Apache Airflow Hive Provider vulnerable to code injection

Apache Software Foundation's Apache Airflow Hive Provider before 6.0.0 is vulnerable to improper control of generation of code...

9.8CVSS7.2AI score0.02765EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ckan remote code execution and private information access via crafted resource ids

Specific vulnerabilities: Arbitrary file write in resourcecreate and packageupdate actions, using the ResourceUploader object. Also reachable via packagecreate, packagerevise, and packagepatch via calls to packageupdate. Remote code execution via unsafe pickle loading, via Beaker's session store...

9.8CVSS7.8AI score0.01684EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint

A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the pluginserver, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path...

9.8CVSS7.5AI score0.01307EPSS
Exploits1References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

toui allows user-specific variables to be shared between users

ImpactWebsites that use Website.uservars property in versions. PatchesIt affects versions v2.0.1 to v2.4.0. Please upgrade to v2.4.1 WorkaroundsDo not use Website.uservars in websites when using versions v2.0.1 to v2.4.0. Also, do not use Website.signinuser in version v2.4.0 only. ExplanationToUI...

9.1CVSS7.1AI score0.00651EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Buffer overflow in sponge queue functions

ImpactThe Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more. PatchesYes, see commit fdc6fef0...

9.8CVSS7AI score0.05193EPSS
Exploits1References24Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Header injection in TurboGears

A vulnerability classified as critical has been found in OnShift TurboGears 1.0.11.10. This affects an unknown part of the file turbogears/controllers.py of the component HTTP Header Handler. The manipulation leads to http response splitting. It is possible to initiate the attack remotely...

9.8CVSS6.1AI score0.00854EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Apache Airflow Google Provider Improper Input Validation vulnerability

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...

9.8CVSS7.2AI score0.01583EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

weixin-python XML External Entity vulnerability

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/toxml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The name...

9.8CVSS6.2AI score0.00775EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

ImpactAttackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE.When axis is larger than the dim of input, c-Diminput,axis goes out of bound.Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Grad...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Apache Airflow Hive Provider Improper Input Validation vulnerability

Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...

9.8CVSS7.2AI score0.01982EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

ImpactAttackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE.When axis is larger than the dim of input, c-Diminput,axis goes out of bound.Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Grad...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Unsafe yaml deserialization in llama-hub

The OpenAPI and ChatGPT plugin loaders in LlamaHub aka llama-hub before 0.0.67 allow attackers to execute arbitrary code because safeload is not used for YAML...

9.8CVSS7.5AI score0.01192EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Arbitrary Code Execution in Pillow

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter...

9.8CVSS6.9AI score0.03399EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

parisneo/lollms Local File Inclusion (LFI) attack

parisneo/lollms version 9.5 is vulnerable to Local File Inclusion LFI attacks due to insufficient path sanitization. The sanitizepathfromendpoint function fails to properly sanitize Windows-style paths backward slash \, allowing attackers to perform directory traversal attacks on Windows systems...

9.1CVSS7.2AI score0.01024EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

ImpactWhen verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation document.proof was not factored into the final verified value true/false on the presentation record. Below is an example result from verifying a JSON-LD...

9.9CVSS7AI score0.00627EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Cross-site Scripting in Apache superset

A stored cross-site scripting XSS vulnerability exists in Apache Superset before 3.0.3.An authenticated attacker with create/update permissions on charts or dashboards could store a script or add a specific HTML snippet that would act as a stored XSS.For 2.X versions, users should change their...

9.6CVSS6.7AI score0.0083EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

AutoGPT bypass of the shell commands denylist settings

A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific commands, such as whoami and /bin/whoami. An attacker can circumvent this restriction by executing...

9.8CVSS7.2AI score0.00812EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Code execution in pandasai

GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...

9.8CVSS7.7AI score0.01267EPSS
Exploits2References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

litellm vulnerable to remote code execution based on using eval unsafely

BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the adddeployment function, which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sendin...

9.8CVSS7.5AI score0.00875EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

LlamaIndex includes an exec call for `import {cls_name}`

An issue was discovered in llamaindex before 0.10.38. download/integration.py includes an exec call for import clsname...

9.8CVSS7.2AI score0.00528EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Deserialization of untrusted data in synthcity

A vulnerability, which was classified as critical, has been found in vanderSchaar LAB synthcity 0.2.9. Affected by this issue is the function loadfromfile of the component PKL File Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been...

9.8CVSS6AI score0.00678EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

qdrant input validation failure

qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a desired file on the...

9.8CVSS7.3AI score0.00901EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

LangChain Experimental Eval Injection vulnerability

langchainexperimental aka LangChain Experimental 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify which uses eval in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6 2023-10-05...

9.8CVSS6.3AI score0.01387EPSS
Exploits1References7Affected Software1
Total number of security vulnerabilities4301