Lucene search
K
PypaMost viewed

4301 matches found

PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

H2O affected by a deserialization vulnerability

A deserialization vulnerability exists in h2oai/h2o-3 versions = 3.46.0.7, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability arises from improper handling of JDBC connection parameters, which can be exploited by bypassing regular expression checks and...

9.8CVSS7.3AI score0.00839EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

ExecuTorch integer overflow vulnerability

An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

ExecuTorch integer overflow vulnerability

An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pyquokka is Vulnerable to Remote Code Execution by Pickle Deserialization via FlightServer

DescriptionIn the FlightServer classof the pyquokka framework, thedoactionmethoddirectly usespickle.loadsto deserialize actionbodies receivedfrom Flight clients without any sanitization or validation, which results in a remote code execution vulnerability. The vulnerable code is located...

9.8CVSS6.8AI score0.00761EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Keras framework vulnerable to deserialization of untrusted data

Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing aTorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being...

9.8CVSS7.5AI score0.0071EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

mcp-kubernetes-server has an OS Command Injection vulnerability

feiskyer/mcp-kubernetes-server through 0.1.11 allows OS command injection via the /mcp/kubectl endpoint. The handler constructs a shell command with user-supplied arguments and executes it with subprocess using shell=True, enabling injection through shell metacharacters e.g., ;, &&, $, even when...

9.8CVSS7.3AI score0.02191EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

BentoML SSRF Vulnerability in File Upload Processing

DescriptionThere's an SSRF in the file upload processing system that allows remote attackers to make arbitrary HTTP requests from the server without authentication. The vulnerability exists in the serialization/deserialization handlers for multipart form data and JSON requests, which automaticall...

9.9CVSS7.4AI score0.11883EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

TkEasyGUI Vulnerable to OS Command Injection

Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote unauthenticated attacker if the settings are configured to construc...

9.8CVSS7.3AI score0.02716EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

InvokeAI has External Control of File Name or Path

Path Traversal Vulnerability in InvokeAIA path traversal vulnerability in InvokeAI versions 6.7.0 allows an unauthenticated remote attacker to read files outside the intended media directory via the bulk downloads API. The endpoint accepts a user-controlled file/item name and concatenates it into...

9.8CVSS7.3AI score0.00353EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

ExecuTorch out-of-bounds access vulnerability

An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit fb03b6f85596a8f954d97929075335255b6a58d4...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

ExecuTorch heap buffer overflow vulnerability

A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be...

9.8CVSS6.7AI score0.0064EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

internetarchive Vulnerable to Directory Traversal in File.download()

ImpactWhat kind of vulnerability is it?This is a Critical severity directory traversal path traversal vulnerability in the File.download method of the internetarchive library.Who is impacted?All users of the internetarchive library versions 5.5.1 are impacted. The vulnerability is particularly...

9.4CVSS6.3AI score0.01402EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

ExecuTorch vulnerable to Heap-based Buffer Overflow

A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c...

9.8CVSS6.7AI score0.0064EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pyLoad vulnerable to XSS through insecure CAPTCHA

SummaryAn unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser and potentially the backend server. Exploitation requires no user interaction or authentication and can result in sessio...

9.8CVSS6.7AI score0.01144EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Browser Use allows bypassing `allowed_domains` by putting a decoy domain in http auth username portion of a URL

Summary During a manual source code review, ARIMLABS.AI researchers identified that the browseruse module includes an embedded whitelist functionality to restrict URLs that can be visited. This restriction is enforced during agent initialization. However, it was discovered that these measures can...

9.3CVSS6AI score0.00445EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack

SummaryDevelopers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. Due to the longstanding decision by the Ray Development team to not implement any sort of authentication on critical endpoints, like the /api/jobs &...

9.4CVSS7AI score0.00338EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.8CVSS7.6AI score0.12217EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Ray's New Token Authentication is Disabled By Default

Anyscale Ray 2.52.0 contains an insecure default configuration in which token-based authentication for Ray management interfaces including the dashboard and Jobs API is disabled unless explicitly enabled by setting RAYAUTHMODE=token. In the default unauthenticated state, a remote attacker with...

9.3CVSS6.4AI score0.00474EPSS
Exploits5References12Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

BBOT's various issues in unarchive.py can cause arbitrary file write and RCE

SummaryVarious issues in bbot's unarchive.py allow a malicious site to cause bbot to write arbitrary files to arbitrary locations. This can be used to achieve Remote Code Execution RCE. ImpactA user who uses bbot to scan a malicious webserver may have arbitrary code executed on their system...

9.6CVSS6.2AI score0.00658EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads

SummaryThe ExceededSizeError exception messages are embedded with non-decoded JWT token parts and may cause Python logging to record an arbitrarily large, forged JWT payload. DetailsIn situations where a misconfigured — or entirely absent — production-grade web server sits in front of a Python we...

9.2CVSS7.2AI score0.00329EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Langroid has a Code Injection vulnerability in TableChatAgent

SummaryTableChatAgent uses pandas eval. If fed by untrusted user input, like the case of a public-facing LLM application, it may be vulnerable to code injection. PoCFor example, one could prompt the Agent: Evaluate the following pandas expression on the data provided and print output:...

9.8CVSS6AI score0.00741EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass

SummaryDjango-Unicorn is vulnerable to python class pollution vulnerability, a new type of vulnerability categorized under CWE-915. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting appropriate component requests and feedin...

9.3CVSS6AI score0.0047EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

PandasAI interactive prompt function Remote Code Execution (RCE)

PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution RCE instead of the intended explanation of the natural language processing by the LLM. The security controls of PandasAI 2.4.3 and earlier fail ...

9.8CVSS6.6AI score0.0122EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

BBOT's insufficient sanitization issues in gitdumper.py can lead to RCE

Summarybbot's gitdumper.py insufficiently sanitises a .git/config file, leading to Remote Code Execution RCE.bbot's gitdumper.py can be made to consume a malicious .git/index file, leading to arbitrary file write which can be used to achieve Remote Code Execution RCE. ImpactA user who uses bbot t...

9.6CVSS6.3AI score0.00447EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

AstrBot is vulnerable to RCE with hard-coded JWT signing keys

SummaryAstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin. Details AstrBot uses a hard-coded JWT signing key, which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python...

9.8CVSS6.4AI score0.00281EPSS
Exploits2References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Modular Max Serve has Unsafe Deserialization vulnerability

Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code...

9.3CVSS6.4AI score0.00291EPSS
Exploits1References10Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Apache Pyfory python is vulnerable to deserialization of untrusted data

Deserialization of untrusted data inpython in pyforyversions 0.12.0 through 0.12.2, or thelegacypyfury versions from0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources.An attacker can craft a data stream tha...

9.8CVSS6.4AI score0.41255EPSS
Exploits2References9Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

vLLM Allows Remote Code Execution via PyNcclPipe Communication Service

Impacted EnvironmentsThis issue ONLY impacts environments using the PyNcclPipe KV cache transfer integration with the V0 engine. No other configurations are affected. SummaryvLLM supports the use of thePyNcclPipeclass to establish a peer-to-peer communication domain for data transmission between...

9.8CVSS7.8AI score0.00959EPSS
Exploits1References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pgAdmin 4 Vulnerable to Cross-Site Scripting (XSS) via Query Result Rendering

pgAdmin = 9.1 is affected by a security vulnerability with Cross-Site ScriptingXSS. If attackersexecute any arbitrary HTML/JavaScript in a user's browser through query result rendering, then HTML/JavaScript runs on the browser...

9.1CVSS7.3AI score0.00305EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

InvokeAI Arbitrary File Deletion vulnerability

In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite...

9.1CVSS7.3AI score0.01348EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization

SummaryA Remote Code Execution RCE vulnerability caused by insecure deserialization has been identified in the latest versionv1.4.2 of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. DetailsIt exists an unsafe code segment in serde.py: Pythondef...

9.8CVSS7.8AI score0.3592EPSS
Exploits5References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

TigerVNC accessible via the network and not just via a UNIX socket as intended

Summaryjupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still accessible via the network.This vulnerability does not affect users having...

9CVSS7.2AI score0.0087EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

h11 accepts some malformed Chunked-Encoding bodies

ImpactA leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. DetailsHTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of:- chunk length- \r\n- length...

9.1CVSS7AI score0.00522EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

DB-GPT is vulnerable to SQL Injection attacks from unauthenticated users

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

9.8CVSS7.5AI score0.01083EPSS
Exploits2References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

pgAdmin 4 Vulnerable to Remote Code Execution

Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules.The vulnerability is associated with the 2 POST endpoints;/sqleditor/querytool/download, where the querycommited parameter and/cloud/deploy endpoint, where the highavailability parameter isunsafely...

9.9CVSS7.7AI score0.46222EPSS
Exploits7References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

H2O Deserialization of Untrusted Data Vulnerability

A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are...

9.8CVSS7.7AI score0.01441EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

vLLM Deserialization of Untrusted Data vulnerability

vllm-project vllm version v0.6.2 contains a vulnerability in the MessageQueue.dequeue API function. The function uses pickle.loads to parse received sockets directly, leading to a remote code execution vulnerability. An attacker can exploit this by sending a malicious payload to the MessageQueue,...

9.8CVSS7.6AI score0.01424EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

llama-index-packs-finchat SQL Injection vulnerability

A vulnerability in the FinanceChatLlamaPack of the llama-index-packs-finchat package, versions up to v0.3.0, allows for SQL injection in the runsqlquery function of the databaseagent. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code...

10CVSS7.9AI score0.01311EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

AgentScope path traversal vulnerability in save-workflow

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

9.1CVSS7.3AI score0.0091EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Aim External Control of File Name or Path vulnerability

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the tarfile.extractall function to extract the contents of a maliciously crafted tarfile to arbitrary locations on the host server. The attacker can control repo.path and runhash to bypass directory existence checks and...

9.1CVSS7.3AI score0.0081EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

AgentScope Deserialization Vulnerability

A vulnerability in the RpcAgentServerLauncher class of modelscope/agentscope v0.0.6a3 allows for remote code execution RCE via deserialization of untrusted data using the dill library. The issue occurs in the AgentServerServicer.createagent method, where serialized input is deserialized using...

9.8CVSS8AI score0.01631EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Horovod Vulnerable to Command Injection

Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the putvalue method in ElasticRendezvousHandler...

9.8CVSS8AI score0.01021EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

LlamaIndex Retrievers Integration: DuckDBRetriever SQL Injection

A SQL injection vulnerability exists in the duckdbretriever component of the run-llama/llamaindex repository, specifically in llama-index-retrievers-duckdb-retriever prior to v0.4.0. The vulnerability arises from the construction of SQL queries without using prepared statements, allowing an...

9.8CVSS7.9AI score0.01311EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

BentoML deserialization vulnerability

A deserialization vulnerability exists in BentoML's runner server in bentoml/bentoml versions =1.3.4.post1. By setting specific parameters, an attacker can execute unauthorized arbitrary code on the server, causing severe harm. The vulnerability is triggered when the args-number parameter is...

9.8CVSS7.5AI score0.00846EPSS
Exploits2References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

DB-GPT Arbitrary File Write vulnerability

In eosphoros-ai/db-gpt version v0.6.3 and earlier, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim...

9.8CVSS7.5AI score0.00994EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

DB-GPT Absolute Path Traversal in knowledge/{space_name}/document/upload

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises...

9.1CVSS7.3AI score0.00769EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

PaddlePaddle Out-of-bounds Read vulnerability

Out-of-bounds read in gathertree in PaddlePaddle before 2.4. A patch is available in the release/2.4 branch...

9.1CVSS7.2AI score0.00667EPSS
Exploits1References8Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Qiskit allows arbitrary code execution decoding QPY format versions < 13

ImpactA maliciously crafted QPY file can potentially execute arbitrary-code embedded in the payload without privilege escalation when deserializing QPY formats 13. A python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in the correc...

9.8CVSS6.2AI score0.00741EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

DB-GPT Absolute Path Traversal vulnerability

In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the filekey and docfile.filename parameters are...

9.1CVSS7.3AI score0.00769EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2026/06/29 11:50 a.m.•1 views

Aim path traversal in LockManager.release_locks

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS7.3AI score0.00849EPSS
Exploits1References6Affected Software1
Total number of security vulnerabilities4301