Lucene search
K
PypaMost viewed

5612 matches found

PyPA
PyPA
added yesterday2 views

Open Redirect Vulnerability in Taguette

SummaryAn Open Redirect vulnerability exists in Taguette that allows attackers to craft malicious URLs that redirect users to arbitrary external websites after authentication. This can be exploited for phishing attacks where victims believe they are interacting with a trusted Taguette instance bu...

6.1CVSS6AI score0.00228EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

Weblate has improper validation upon invitation acceptance

ImpactIt was possible to accept an invitation opened by a different Weblate user. Patches https://github.com/WeblateOrg/weblate/pull/16913 WorkaroundsUsers should avoid leaving Weblate sessions with an unattended opened invitation. ReferencesThanks to Nahid0x for responsibly disclosing this...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

ComposioHQ has a directory traversal vulnerability

Directory Traversal vulnerability in ComposioHQ v.0.7.20 allows a remote attacker to obtain sensitive information via the downloadfileordir function...

7.5CVSS6AI score0.00822EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

HTTP/HTTPS Traffic Interception Bypass in mad-proxy

A vulnerability in mad-proxy versions = 0.3 allows attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic...

5.3CVSS5.9AI score0.00208EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday2 views

Pyrofork has a Path Traversal in download_media Method

SummaryThe downloadmedia method in Pyrofork does not sanitize filenames received from Telegram messages before using them in file path construction. This allows a remote attacker to write files to arbitrary locations on the filesystem by sending a specially crafted document with path traversal...

6.5CVSS6.6AI score0.00266EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

urllib3 streaming API improperly handles highly compressed data

Impacturllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS6.1AI score0.00633EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

urllib3 allows an unbounded number of links in the decompression chain

Impacturllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 e.g., Content-Encoding: gzip, zstd.However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leadi...

8.9CVSS6AI score0.00633EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection

SummaryA Cross-Site Scripting XSS vulnerability exists in ui.addcss, ui.addscss, and ui.addsass functions in NiceGUI v3.3.1 and earlier.These functions allow developers to inject styles dynamically. However, they lack proper sanitization or encoding for the JavaScript context they generate. An...

6.1CVSS6AI score0.00232EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

Peppol-py is vulnerable to XXE attacks due to Saxon configuration

Peppol-py before 1.1.1 allows XXE attacks because of the Saxon configuration. When validating XML-based invoices, the XML parser could read files from the filesystem and expose their content to a remote host...

5CVSS6AI score0.00299EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

Keras Directory Traversal Vulnerability

SummaryKeras's keras.utils.getfile function is vulnerable to directory traversal attacks despite implementing filtersafepaths. The vulnerability exists because extractarchive uses Python's tarfile.extractall method without the security-critical filter="data" parameter. A PATHMAX symlink resolutio...

9.8CVSS6AI score0.00593EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default

DescriptionThe Model Context Protocol MCP Python SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication using FastMCP with streamable HTTP or SSE transport, and has not configured...

8.1CVSS6AI score0.00463EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Spotipy has a XSS vulnerability in its OAuth callback server

SummaryXSS vulnerability in OAuth callback server allows JavaScript injection through unsanitized error parameter. Attackers can execute arbitrary JavaScript in the user's browser during OAuth authentication. DetailsVulnerable Code: spotipy/oauth2.py lines 1238-1274 RequestHandler.doGETThe...

3.6CVSS6.2AI score0.00138EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

arcade-mcp-server Has Default Hardcoded Worker Secret That Allows Full Unauthorized Access to All HTTP MCP Worker Endpoints

SummaryThe arcade-mcp HTTP server uses a hardcoded default worker secret "dev" that is never validated or overridden during normal server startup. As a result, any unauthenticated attacker who knows this default key can forge valid JWTs and fully bypass the FastAPI authentication layer. This gran...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

Calibre-Web Has a Stored Cross-Site Scripting (XSS) Vulnerability via the 'username' Field During User Creation

A Stored Cross-Site Scripting XSS vulnerability in Calibre-Web v0.6.25 allows attackers to inject malicious JavaScript into the 'username' field during user creation. The payload is stored unsanitized and later executed when the /ajax/listusers endpoint is accessed...

4.8CVSS6AI score0.00174EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday2 views

vLLM vulnerable to remote code execution via transformers_utils/get_config

Summaryvllm has a critical remote code execution vector in a config class named NemotronNanoVLConfig. When vllm loads a model config that contains an automap entry, the config class resolves that mapping with getclassfromdynamicmodule... and immediately instantiates the returned class. This fetch...

8.8CVSS6.8AI score0.00598EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

trytond does not enforce access rights for data export

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

6.5CVSS5.9AI score0.00208EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

SummaryThe fonttools varLib or python3 -m fontTools.varLib script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main code path of fontTools.varLib, used by the fonttools varLib CLI and a...

9.8CVSS6.8AI score0.00496EPSS
Exploits9References6Affected Software1
PyPA
PyPA
added yesterday2 views

trytond allows remote attackers to obtain sensitive trace-back (server setup) information

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

4.3CVSS6AI score0.00251EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

Werkzeug safe_join() allows Windows special device names

Werkzeug's safejoin function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory. sendfromdirectory uses safejoin to safely serve files at user-specified paths under a director...

6.3CVSS5.9AI score0.00474EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU)

ImpactIn affected versions, a specially crafted Brotli-compressed envelope can cause Bugsink to spend excessive CPU time in decompression, leading to denial of service.This can be done if the DSN is known, which it is in many common setups JavaScript, Mobile Apps. PatchesPatched in Bugsink 2.0.6...

7.5CVSS5.9AI score0.00279EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`

SummaryThe /v1/chat/completions and /tokenize endpoints allow a chattemplatekwargs request parameter that is used in the code before it is properly validated against the chat template. With the right chattemplatekwargs parameters, it is possible to block processing of the API server for long...

6.5CVSS5.9AI score0.00319EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

Insecure Deserialization (pickle) in pdfminer.six CMap Loader — Local Privesc

🚀 OverviewThis report demonstrates a real-world privilege escalation vulnerability in pdfminer.six due to unsafe usage of Python's pickle module for CMap file loading.It shows how a low-privileged user can gain root access or escalate to any service account by exploiting insecure deserialization ...

8.6CVSS6.6AI score0.00281EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs

SummaryUsers can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape e.g. hidden dimension is wrong, regardless of whether the model is intended to support such inputs as defined in the Supported Models page.The issue has...

8.3CVSS6AI score0.00331EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input

ImpactIn affected versions, brotli "bombs" highly compressed brotli streams, such as many zeros can be sent to the server. Since the server will attempt to decompress these streams before applying various maximums, this can lead to exhaustion of the available memory and thus a Denial of...

7.5CVSS5.9AI score0.00418EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added yesterday2 views

vLLM deserialization vulnerability leading to DoS and potential RCE

SummaryA memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...

8.8CVSS6.8AI score0.00831EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

pgAdmin is affected by an LDAP injection vulnerability

pgAdmin = 9.9is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP characters in the username, causing the DC/LDAP server and the client to process an unusual amount of data DOS...

7.5CVSS6AI score0.00362EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

pgAdmin has vulnerability in LDAP authentication mechanism that allows bypassing TLS certificate verification

pgAdmin = 9.9is affected by avulnerability in the LDAP authentication mechanism allows bypassing TLS certificate verification...

7.5CVSS5.9AI score0.00181EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode

An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that should have been prevented by read-only restrictions.Impact:Bypasses read-only mode; attackers with read-only access may perform unauthorized...

5.4CVSS6AI score0.00336EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer

SummaryPrior to langgraph-checkpoint version 3.0 , LangGraph’s JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a remote code execution RCE vulnerability when deserializing payloads saved in the "json" serialization mode.If an attacker can cause your...

7.4CVSS6.9AI score0.00871EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

Dosage vulnerable to a Directory Traversal through crafted HTTP responses

ImpactWhen downloadinging comic images, Dosage constructs target file names from different aspects of the remote comic page URL, image URL, page content, etc.. While the basename is properly stripped of directory-traversing characters, the file extension is taken from the HTTP Content-Type header...

8.8CVSS6.1AI score0.00443EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Agno session state overwrites between different sessions/users

ImpactUnder certain conditions under high concurrency, when sessionstate is passed to an Agent or Team during run or arun calls, a race condition can occur, causing a sessionstate to be assigned and persisted to the incorrect session. This may result in user data from one session being exposed to...

7.1CVSS5.9AI score0.00146EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday2 views

Apache Airflow `/api/v2/dagReports` executes DAG Python in API

API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...

5.4CVSS6.4AI score0.00476EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

cryptidy allows code execution via untrusted data due to pickle.loads

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

8.8CVSS6.4AI score0.00228EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

AstrBot contains a directory traversal vulnerability

AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function installpluginupload of the interface '/plugin/install-upload' parses the filename from the request body provided by the user, and directly uses the filename to assign to filepath without checking the validi...

8.7CVSS5.9AI score0.00754EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday2 views

DSPy does not properly restrict file reads

The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...

5.9CVSS6AI score0.00323EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday2 views

OctoPrint vulnerable to XSS in Action Commands Notification and Prompt

ImpactOctoPrint versions up to and including 1.11.3 are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notification and prompt popups generated by the printer.An attacker who successfully convinces a victim to print a specially crafted file...

4.6CVSS5.9AI score0.0015EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

CKAN vulnerable to fixed session IDs

ImpactSession ids could be fixed by an attacker if the site is configured with server-side session storage CKAN uses cookie-based session storage by default. The attacker would need to either set a cookie on the victim's browser or steal the victim's currently valid session. Session identifiers a...

6.1CVSS5.7AI score0.00269EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

SummaryThe client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. DetailsIt is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...

8.2CVSS6AI score0.00354EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

FastMCP vulnerable to reflected XSS in client's callback page

SummaryWhile setting up an oauth client, it was noticed that the callback page hosted by the client during the flow embeds user-controlled content without escaping or sanitizing it. This leads to a reflected Cross-Site-Scripting vulnerability. DetailsThe affected code is located in...

6.1CVSS6.1AI score0.0025EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF.This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS6.3AI score0.00239EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

pypdf possibly loops infinitely when reading DCT inline images without EOF marker

ImpactAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. PatchesThis has been fixed in pypdf==6.1.3. WorkaroundsIf you cannot upgrade yet, consider applyi...

8.7CVSS5.8AI score0.00402EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

SummaryLangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization, allowing attackers to inject arbitrary SQL and bypass access controls. Details/langgraph/libs/checkpoint-sqlite/langgraph/store/sqlite/base.pyTh...

7.3CVSS6.1AI score0.00178EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

BBOT's gitlab.py exposes globally configured "gitlab" API key

Summarybbot's gitlab.py sends the user's "gitlab" API key to on-premise GitLab instances.If a user has configured a gitlab.com API key using this mechanism, it may be leaked to an attacker-controlled server. ImpactA user with a "gitlab" API key configured who uses bbot to scan a malicious webserv...

4.7CVSS5.9AI score0.00213EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.The specific flaw...

9.8CVSS6.5AI score0.27133EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

MLflow Weak Password Requirements Authentication Bypass Vulnerability

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of passwords. T...

9.8CVSS6AI score0.01492EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

pg8000 SQL injection vulnerability via a specially crafted Python list input

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.6CVSS6.3AI score0.00328EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``

SummaryAn unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial‑of‑service for endpoints serving files e.g., StaticFiles or any use of...

7.5CVSS6AI score0.00638EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

pypdf can exhaust RAM via manipulated LZWDecode streams

ImpactAn attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. PatchesThis has been fixed in pypdf==6.1.3. WorkaroundsIf you cannot upgrade yet, consider applying the changes from PR...

8.7CVSS5.8AI score0.00402EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

llama-index has Insecure Temporary File

The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...

7.8CVSS5.9AI score0.00168EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

Synapse's invalid device keys degrade federation functionality

ImpactLack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. PatchesPatched in Synapse 1.138.3, 1.138.4, 1.139.1...

5.3CVSS5.9AI score0.00434EPSS
Exploits0References12Affected Software1
Total number of security vulnerabilities5000