Lucene search
K

7035 matches found

PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Hugging Face Text Generation Inference vulnerable to Uncontrolled Resource Consumption

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...

7.5CVSS6AI score0.22494EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Llama Stack exposes secret in initialization log

Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...

3.2CVSS5.9AI score0.00219EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

llama-index-core vulnerable to Uncontrolled Resource Consumption

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

5.3CVSS6.2AI score0.0037EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

mlflow Creates of Temporary File in Directory with Insecure Permissions

In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions 0o777. This vulnerability allows an attacker with write access to the /tmp directory to exploit a race condition and overwrite .py files in the virtual...

7CVSS6.2AI score0.00215EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Lollms has an Improper Access Control vulnerability

A vulnerability in the lollmsgenerationevents.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The addevents function registers event handlers such as generatetext, cancelgeneration, generatemsg, and generatemsgfrom without implementing...

8.2CVSS7.2AI score0.00436EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

SummaryA vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to arbitrary code execution. Vulnerability DetailsThe weightsonly=True unpickler...

8.8CVSS6.6AI score0.00695EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

BentoML has a Path Traversal via Bentofile Configuration

SummaryBentoML's bentofile.yaml configuration allows path traversal attacks through multiple file path fields description, docker.setupscript, docker.dockerfiletemplate, conda.environmentyml. An attacker can craft a malicious bentofile that, when built by a victim, exfiltrates arbitrary files fro...

7.4CVSS6.1AI score0.00437EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

askbot inexhaustive permissions check allows any user to modify a different user's profile picture

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users. This issue affects askbot: 0.12.2...

5.3CVSS5.9AI score0.00318EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Gakido vulnerable to HTTP Header Injection (CRLF Injection)

A vulnerability was discovered in Gakido that allowed HTTP Header Injection through CRLF Carriage Return Line Feed sequences in user-supplied header values and names.When making HTTP requests with user-controlled header values containing \r\n CRLF, \n LF, or \x00 null byte characters, an attacker...

5.3CVSS6AI score0.0036EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.12 views

sigstore CSRF possibility in OIDC authentication during signing

SummaryThe sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. DetailsOAuthSession creates a unique "state" and sends it as a parameter in the authentication request but the "state" in the server response seems not not be cross-checked with this value. Fix shou...

5CVSS5.9AI score0.00158EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Python-Multipart has Arbitrary File Write via Non-Default Configuration

SummaryA Path Traversal vulnerability exists when using non-default configuration options UPLOADDIR and UPLOADKEEPFILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename. DetailsWhen UPLOADDIR is set and UPLOADKEEPFILENAME is...

8.6CVSS6.1AI score0.02228EPSS
Exploits5References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

pypdf has possible Infinite Loop when processing outlines/bookmarks

ImpactAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. PatchesThis has been fixed in pypdf 6.6.2. WorkaroundsIf projects cannot upgrade yet, consider applying the changes from PR 3610...

5.1CVSS5.8AI score0.00388EPSS
Exploits2References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field

SummaryA Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The android:host attribute from elements is rendered in HTML reports without...

8.1CVSS6.2AI score0.0031EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector

SummaryA Server-Side Request Forgery SSRF vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurlasync methods obtain and process media from URLs provided by users, using different Python parsing libraries when restricting...

7.1CVSS6.1AI score0.00528EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.12 views

GI-DocGen vulnerable to Reflected XSS via unescaped query strings

A flaw was found in GI-DocGen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter reflected DOM XSS...

6.1CVSS6.1AI score0.00337EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

OctoPrint has Timing Side-Channel Vulnerability in API Key Authentication

ImpactOctoPrint versions up to and including 1.11.5 are affected by a theoretical timing attack vulnerability that allows API key extraction over the network.Due to using character based comparison that short-circuits on the first mismatched character during API key validation, rather than a...

6CVSS5.8AI score0.00475EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Sentencepiece has a a heap overflow issue

Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vulnerable model file, which is not created in the normal training procedure...

8.5CVSS6AI score0.00163EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

AutoGPT is Vulnerable to RCE via Disabled Block Execution

SummaryAutoGPT Platform's block execution endpoints both main web API and external API allow executing blocks by UUID without checking the disabled flag. Any authenticated user can execute the disabled BlockInstallationBlock, which writes arbitrary Python code to the server filesystem and execute...

9.4CVSS6.9AI score0.01147EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.13 views

Langflow affected by Remote Code Execution via validate_code() exec()

Langflow execglobals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability.The specific...

9.8CVSS6.5AI score0.10371EPSS
Exploits8References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

protobuf affected by a JSON recursion depth bypass

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages.Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supp...

8.2CVSS6AI score0.00613EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Moonraker affected by LDAP search filter injection

ImpactInstances of Moonraker configured with the ldap component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LD...

6.9CVSS6AI score0.0027EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Swing Music has a Directory Traversal & Filesystem can be accessed by a non-admin user

SummarySwing Music's listfolders function in the /folder/dir-browser endpoint is vulnerable to directory traversal attacks. Any authenticated user including non-admin can browse arbitrary directories on the server filesystem. DetailsThe @api.post"/dir-browser" endpoint lacks proper path validatio...

5.3CVSS6.1AI score0.00511EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Tendenci Affected by Authenticated Remote Code Execution via Pickle Deserialization

A critical deserialization vulnerability exists in Tendenci Helpdesk module NOTE, by default, Helpdesk is NOT enabled, affecting the version 15.3.11 and earlier. This vulnerability allows remote code execution RCE by an authenticated user with staff security level due to using Python's pickle...

9.8CVSS6.8AI score0.01338EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

ChatterBot Vulnerable to Denial of Service via Database Connection Pool Exhaustion

SummaryChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the getresponse method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service...

7.5CVSS5.9AI score0.00494EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Copier safe template has arbitrary filesystem read access via symlinks when _preserve_symlinks: false

ImpactCopier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently include arbitrary files/directories outside...

6.8CVSS6AI score0.002EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true

ImpactCopier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write to arbitrary directories outside the...

7.1CVSS6AI score0.00224EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Chainlit contain a server-side request forgery (SSRF) vulnerability

Chainlit versions prior to 2.9.4 contain a server-side request forgery SSRF vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated client can provide a user-controlled url value in an Element, which is fetched by the SQLAlchemy...

8.3CVSS6.3AI score0.04439EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

FastAPI Api Key has a timing side-channel in verify_key that allows statistical key validity detection

ImpactTiming side-channel vulnerability in verifykey. The method applied a random delay only on verification failures, allowing an attacker to statistically distinguish valid from invalid API keys by measuring response latencies. With enough repeated requests, an adversary could infer whether a...

3.7CVSS6AI score0.00254EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

ESPHome vulnerable to denial-of-service via out-of-bounds check bypass in the API component

SummaryAn integer overflow in the API component's protobuf decoder allows denial-of-service attacks when API encryption is not used. DetailsThe bounds check ptr + fieldlength end in components/api/proto.cpp can overflow when a malicious client sends a large fieldlength value. This affects all...

7.5CVSS6AI score0.00273EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

WeasyPrint has a Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect

SummaryA Server-Side Request Forgery SSRF Protection Bypass exists in WeasyPrint's defaulturlfetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata endpoints even when a developer has implemented a custom urlfetcher to block...

7.5CVSS6AI score0.00501EPSS
Exploits2References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Wheel Affected by Arbitrary File Permission Modification via Path Traversal in wheel unpack

Summary - Vulnerability Type: Path Traversal CWE-22 leading to Arbitrary File Permission Modification. - Root Cause Component: wheel.cli.unpack.unpack function. - Affected Packages: 1. wheel Upstream source 2. setuptools Downstream, vendors wheel - Severity: High Allows modifying system file...

7.1CVSS6.6AI score0.00311EPSS
Exploits2References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

vLLM affected by RCE via auto_map dynamic module loading during model initialization

SummaryvLLM loads Hugging Face automap dynamic modules during model resolution without gating on trustremotecode, allowing attacker-controlled Python code in a model repo/path to execute at server startup.--- ImpactAn attacker who can influence the model repo/path local directory or remote Huggin...

9.8CVSS6.2AI score0.00737EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

pytest has vulnerable tmpdir handling

pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...

6.8CVSS5.9AI score0.0014EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage

ImpactA PyYAML-related Remote Code Execution RCE vulnerability, namely CVE-2020-14343, is exposed in docling-core =2.21.0, 2.48.4 and, specifically only if the application uses pyyaml 5.4 and invokes doclingcore.types.doc.DoclingDocument.loadfromyaml passing it untrusted YAML data. PatchesThe...

10CVSS6.2AI score0.05984EPSS
Exploits2References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

pyasn1 has a DoS vulnerability in decoder

SummaryAfter reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. DetailsThe integer issue can be found in the decoder as reloid += subId 7 + nextSubId,:...

7.5CVSS5.7AI score0.00679EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Azure Core is vulnerable to deserialization of untrusted data

Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network...

7.5CVSS6.1AI score0.00776EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

BlackSheep's ClientSession is vulnerable to CRLF injection

ImpactThe HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new header or even create a new HTTP request.Exploitation requires developers to pass unsanitized user input...

6.3CVSS6AI score0.00307EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Chainlit contains an authorization bypass vulnerability

Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the product...

4.2CVSS5.9AI score0.00217EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Label Studio is vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field

PrologueThese vulnerabilities have been found and chained by DCODX-AI. Validation of the exploit chain has been confirmed manually. SummaryA persistent stored cross-site scripting XSS vulnerability exists in the customhotkeys functionality of the application. An authenticated attacker or one who...

8.6CVSS5.9AI score0.00243EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.4 views

MLFlow is vulnerable to DNS rebinding attacks due to a lack of Origin header validation

MLFlow versions up to and including 3.4.0 are vulnerable to DNS rebinding attacks due to a lack of Origin header validation in the MLFlow REST server. This vulnerability allows malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. An...

8.1CVSS6AI score0.00193EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

ComfyUI-Manager is Vulnerable to CRLF Injection in Configuration Handler

ImpactVulnerability Type: CRLF Injection via ConfigParserAn attacker can inject special characters into HTTP query parameters to add arbitrary configuration values to the config.ini file. This can lead to security setting tampering or modification of application behavior.Affected Users: Users...

7.5CVSS6.1AI score0.00311EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

virtualenv Has TOCTOU Vulnerabilities in Directory Creation

ImpactTOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv's appdata...

4.5CVSS5.9AI score0.00085EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Weblate wlc has insecure API key configuration

ImpactHistorically, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be used against different server. Patches https://github.com/WeblateOrg/wlc/pull/1098 WorkaroundsRemove unscoped k...

5.5CVSS6AI score0.00164EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Weblate leaks information via screenshots

ImpactThe screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. Patches https://github.com/WeblateOrg/weblate/pull/17516 ReferencesThanks to Lukas May and Michael Leu f...

7.5CVSS5.9AI score0.00323EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

hermes's raw options logging may disclose secrets passed in via subcommand options argument

Thanks, @thunze for reporting this!hermes subcommands take arbitrary options under the -O argument. These have been logged in raw form since https://github.com/softwarepub/hermes/commit/7f64f102e916c76dc44404b77ab2a80f5a4e59b1 in:...

5.9CVSS5.9AI score0.00154EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Weblate wlc path traversal vulnerability: Unsanitized API slugs in download command

ImpactMulti-translation download could write to an arbitrary location when instructed by a crafted server. Patches https://github.com/WeblateOrg/wlc/pull/1128 WorkaroundsDo not use wlc download with untrusted servers. ReferencesThis issue was reported to us by wh1zee via HackerOne...

8CVSS6.1AI score0.00337EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE

SummaryA path traversal vulnerability exists in GuardDog's safeextract function that allows malicious PyPI packages to write arbitrary files outside the intended extraction directory, leading to Arbitrary File Overwrite and Remote Code Execution on systems running GuardDog.CWE: CWE-22 Improper...

9.8CVSS6.2AI score0.00946EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS

SummaryGuardDog's safeextract function does not validate decompressed file sizes when extracting ZIP archives wheels, eggs, allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabytes of disk space from a few megabytes of compressed data. Vulnerabili...

7.5CVSS6AI score0.00431EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock

Vulnerability SummaryTitle: Time-of-Check-Time-of-Use TOCTOU Symlink Vulnerability in SoftFileLockAffected Component: filelock package - SoftFileLock classFile: src/filelock/soft.py lines 17-27CWE: CWE-362, CWE-367, CWE-59--- DescriptionA TOCTOU race condition vulnerability exists in the...

5.3CVSS6AI score0.00115EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

jaraco.context Has a Path Traversal Vulnerability

SummaryThere is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed.The...

8.6CVSS6AI score0.00527EPSS
Exploits1References8Affected Software1
Total number of security vulnerabilities7035