Lucene search
K
PypaMost viewed

5616 matches found

PyPA
PyPA
added yesterday3 views

Flask uses fallback key instead of current signing key

In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key.Signing is provided by the itsdangerous library. A list of keys can be passed, and it expects the last top key in the list to be the most...

1.8CVSS6AI score0.00153EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store

SummaryLanceDocChatAgent uses pandas eval through computefromdocs:https://github.com/langroid/langroid/blob/18667ec7e971efc242505196f6518eb19a0abc1c/langroid/vectorstore/base.pyL136-L150As a result, an attacker may be able to make the agent run malicious commands through QueryPlan.dataframecalc...

9.8CVSS5.9AI score0.00482EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday3 views

Apache Superset Allows Ownership Takeover

Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions.This issue affects Apache Superset: through 4.1.1.Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue...

8.8CVSS6.1AI score0.00972EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

docarray prototype pollution

A vulnerability was found in docarray up to 0.40.1. It has been rated as critical. Affected by this issue is the function getitem of the file /docarray/data/torchdataset.py of the component Web API. The manipulation leads to improperly controlled modification of object prototype attributes...

8.8CVSS5.4AI score0.00563EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

markdownify allows large headline prefixes such as <h9999999>, which causes memory consumption

python-markdownify aka markdownify before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption...

3.3CVSS5.9AI score0.00181EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

AWorld OS Command Injection vulnerability

A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e. It has been rated as critical. This issue affects the function subprocess.run/subprocess.Popen of the file AWorld/aworld/virtualenvironments/terminals/shelltool.py. The manipulation leads to os command...

8.1CVSS5AI score0.03164EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added yesterday3 views

Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload

Vulnerable MobSF Versions: = v4.3.2CVSS V4.0 Score: 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:NDetails:A Stored Cross-Site Scripting XSS vulnerability has been identified in MobSF versions ≤ 4.3.2. The vulnerability arises from improper sanitization of user-supplied SVG...

8.6CVSS5.9AI score0.00251EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Langroid Allows XXE Injection via XMLToolMessage

SummaryA LLM application leveraging XMLToolMessage class may be exposed to untrusted XML input that could result in DoS and/or exposing local files with sensitive information. DetailsXMLToolMessage uses lxml without...

9.1CVSS5.9AI score0.00545EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Crawl4AI SSRF vulnerability

Crawl4AI =0.4.247 is vulnerable to SSRF in /crawl4ai/asyncdispatcher.py...

9.1CVSS5.9AI score0.00296EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday3 views

LLaMA-Factory Allows Arbitrary Code Execution via Unsafe Deserialization in Ilamafy_baichuan2.py

DescriptionA critical vulnerability exists in the llamafybaichuan2.py script of the LLaMA-Factory project. The script performs insecure deserialization using torch.load on user-supplied .bin files from an input directory. An attacker can exploit this behavior by crafting a malicious .bin file tha...

7.8CVSS6.3AI score0.00232EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Data exposure via ZeroMQ on multi-node vLLM deployment

ImpactIn a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-node communication purposes. The primary vLLM host opens an XPUB ZeroMQ socket and binds it to ALL interfaces. While the socket is always opened for a multi-node deployment, it is only used when doing tensor parallelism across...

7.5CVSS6.2AI score0.00505EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

Vulnerable MobSF Versions: = v4.3.2Details:MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications...

6.8CVSS6AI score0.00411EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Apache Airflow Common SQL Provider Vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Airflow Common SQL Provider.When using the partition clause in SQLTableCheckOperator as parameter which was a recommended pattern, Authenticated UI User could inject arbitrary SQL command wh...

8.8CVSS6.2AI score0.00776EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added yesterday3 views

AWS SAM CLI Path Traversal allows file copy to local cache

SummaryThe AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker.After completing a build with AWS SAM CLI which include symlinks, the content of...

6.9CVSS6.1AI score0.0062EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday3 views

Whoogle allows attackers to execute arbitrary code via supplying a crafted search query

An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...

9.3CVSS6.3AI score0.00502EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

LMDeploy Improper Input Validation Vulnerability

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function loadweightckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler. The manipulation leads to deserialization. Attacking locally is a requirement...

7.8CVSS5.3AI score0.003EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added yesterday3 views

InternLM LMDeploy code injection vulnerability

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has...

7.8CVSS5.4AI score0.00338EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added yesterday3 views

Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks

From @jackfromeast and @superboy-zjc:We have identified a class pollution vulnerability in Mesop = 0.14.0 application that allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to a denial of service DoS...

8.1CVSS6AI score0.00629EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday3 views

jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"

OverviewOn many platforms, a third party can create a Git repository under a name that includes a shell command substitution ^1 string in the syntax $. These directory names are allowed in macOS and a majority of Linux distributions ^2. If a user starts jupyter-lab in a parent directory of this...

7.4CVSS6.5AI score0.00557EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday3 views

Litestar and Starlite vulnerable to Path Traversal

SummaryLocal File Inclusion via Path Traversal in LiteStar Static File ServingA Local File Inclusion LFI vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws, enabling unauthorized access to sensiti...

8.2CVSS6.1AI score0.00722EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday3 views

Malicious code in dreamgen (PyPI)

Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08,malicious phantom releases of dreamgen were published to PyPI using stolencredentials. The package executes a bundled JavaScript payload via the Bunruntime on import that harvests and exfiltrates credentials and...

5.9AI score
Exploits0References3Affected Software1
PyPA
PyPA
added yesterday3 views

Synapse vulnerable to federation denial of service via malformed events

ImpactA malicious server can craft events with a depth outside the integer range allowed by Canonical JSON. When such an event is received by Synapse version up to 1.127.0, it prevents it from federating with other servers. The vulnerability has been exploited in the wild. PatchesFixed in Synapse...

7.5CVSS5.8AI score0.01157EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

Aim Excessive Data Query Operations in a Large Data Table vulnerability

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these...

7.5CVSS5.9AI score0.0059EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

LiteLLM Has an Improper Authorization Vulnerability

An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internaluserviewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the applicatio...

8.1CVSS6AI score0.00315EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday3 views

MLflow Cross-Site Request Forgery (CSRF) vulnerability

A Cross-Site Request Forgery CSRF vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be used to perform unauthorized actions on behalf of the malicious user...

7.1CVSS5.9AI score0.00202EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Frappe has possibility of SQL injection due to improper validations

ImpactSQL injection could be achieved via a specially crafted request, which could allow malicious person to gain access to sensitive information. WorkaroundsUpgrading is required, no other workaround is present...

8.7CVSS5.9AI score0.00339EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday3 views

Frappe has Possibility of Remote Code Execution due to improper validation

ImpactA system user was able to create certain documents in a specific way that could lead to RCE. WorkaroundsThere's no workaround, an upgrade is required. CreditsThanks to Thanh of Calif.io for reporting the issue...

8.8CVSS6AI score0.00669EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday3 views

Frappe vulnerable to information disclosure leading to account takeover

ImpactMaking crafted requests could lead to information disclosure that could further lead to account takeover. WorkaroundsThere's no workaround to fix this without upgrading. CreditsThanks to Thanh of Calif.io for reporting the issue...

9.3CVSS5.9AI score0.00398EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday3 views

MLflow Uncontrolled Resource Consumption vulnerability

In mlflow/mlflow version 2.17.2, the /graphql endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given experiment. This can tie up all the workers allocated by MLFlow, rendering the application unable to...

7.5CVSS6.3AI score0.00517EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

Composio Eval Injection Vulnerability

In composiohq/composio version 0.4.3, the mathematicalcalculator endpoint uses the unsafe eval function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval function...

9.8CVSS6.5AI score0.01103EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

composio Server-Side Request Forgery (SSRF) vulnerability

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. This vulnerability allows an attacker to read files, access AWS metadata, and interact with local services on the system...

7.5CVSS6AI score0.00671EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

H2O Vulnerable to Arbitrary File Overwrite

In h2oai/h2o-3 version 3.46.0, the /99/Models/name/json endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the exportModelDetails function in ModelsHandler.java, where the user-controllable mexport.dir parameter is used to specify the file path for...

8.2CVSS6.1AI score0.00514EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

LiteLLM Reveals Portion of API Key via a Logging File

In berriai/litellm before version 1.44.12, the litellm/litellmcoreutils/litellmlogging.py file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount ...

7.5CVSS7.2AI score0.00708EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Gradio DOS in multipart boundry while uploading the file

A vulnerability in the file upload process of gradio-app/gradio version @gradio/[email protected] allows for a Denial of Service DoS attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue...

7.5CVSS6AI score0.00744EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

BentoML Denial of Service (DoS) via Multipart Boundary

BentoML version v1.3.4post1 is vulnerable to a Denial of Service DoS attack. The vulnerability can be exploited by appending characters, such as dashes -, to the end of a multipart boundary in an HTTP request. This causes the server to continuously process each character, leading to excessive...

7.5CVSS5.9AI score0.00664EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request

A Denial of Service DoS vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appending characters, such as dashes -, to the end of a multipart boundary in an HTTP request. The server continuously processes each character, leading to excessive resource...

7.5CVSS7.1AI score0.00792EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

composio allows Server-Side Request Forgery (SSRF) in BROWSERTOOL

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS actions...

7.5CVSS6.7AI score0.00679EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint

A vulnerability in the /3/ImportFiles endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, path, which can be recursively set to reference itself. This leads the server to repeatedly call its own endpoint, eventually...

7.5CVSS7AI score0.00727EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Aim Improper Access Control

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

8.1CVSS6.5AI score0.00702EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Aim allows denial of service due to no timeouts for some tracking server endpoints

In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait indefinitely for a response. This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. The issue...

7.5CVSS6AI score0.00446EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Gradio Vulnerable to Open Redirect

An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited by sending a crafted request to the application, which results in a 302 redirect to an...

6.1CVSS5.9AI score0.00723EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

H2O Vulnerable to Denial of Service (DoS) via `HEAD` Request

A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a HEAD request to verify the existence of a specified resource without setting a timeout. An attacker can exploit this by sending multiple requests to an attacker-controll...

7.5CVSS6AI score0.00446EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Prefect CORS (Cross-Origin Resource Sharing) misconfiguration

A CORS Cross-Origin Resource Sharing misconfiguration in prefecthq/prefect prior to version 3.0.3 allows unauthorized domains to access sensitive data. This vulnerability can lead to unauthorized access to the database, resulting in potential data leaks, loss of confidentiality, service disruptio...

7.6CVSS7.1AI score0.00168EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday3 views

PyTorch Lightning denial of service vulnerability

A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue occurs due to improper handling of unexpected state values, which results in the server...

7.5CVSS6AI score0.00588EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

H2O Vulnerable to Denial of Service (DoS) via Large GZIP Parsing

In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-running jobs. This issue arises from the improper handling...

7.5CVSS6AI score0.00719EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability

A vulnerability in open-webui/open-webui versions = 0.3.8 allows remote code execution by non-admin users via Cross-Site Request Forgery CSRF. The application uses cookies with the SameSite attribute set to lax for authentication and lacks CSRF tokens. This allows an attacker to craft a malicious...

8.8CVSS6.8AI score0.00444EPSS
Exploits2References8Affected Software1
PyPA
PyPA
added yesterday3 views

Gunicorn HTTP Request/Response Smuggling vulnerability

Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default fallback method of 'Content-Length,' making it vulnerable to TE.CL request smuggling. This vulnerability can lead to cache poisoning, data...

7.5CVSS5.9AI score0.00738EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday3 views

Aim Path Traversal vulnerability

In version 3.22.0 of aimhubio/aim, the LocalFileManager.cleanup function in the aim tracking server accepts a user-specified glob-pattern for deleting files. The function does not verify that the matched files are within the directory managed by LocalFileManager, allowing a maliciously crafted...

7.5CVSS6.1AI score0.00953EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint

In version 0.3.8 of open-webui/open-webui, an arbitrary file write vulnerability exists in the downloadmodel endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file path to write files to arbitrary locations on the server's...

7.2CVSS6.8AI score0.01125EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

Flask-CORS improper regex path matching vulnerability

corydolphin/flask-cors version 5.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex...

5.3CVSS6AI score0.00652EPSS
Exploits1References8Affected Software1
Total number of security vulnerabilities5000