Lucene search
K

7035 matches found

PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

OpenStack's Mistral Client has a local file inclusion vulnerability

The mistral-dashboard plugin for openstack has a local file inclusion vulnerability through the 'Create Workbook' feature that may result in disclosure of arbitrary local files content...

6.5CVSS6AI score0.00399EPSS
Exploits0References11Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

pypdf's LZWDecode streams be manipulated to exhaust RAM

ImpactAn attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter.This is a follow up to GHSA-jfx9-29x2-rv3j to align the default limit with the one for zlib...

8.7CVSS5.8AI score0.0032EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Fugue is Vulnerable to Remote Code Execution by Pickle Deserialization via FlaskRPCServer

SummaryThe Fugue framework implements an RPC server system for distributed computing operations. In the corefunctionality of the RPC server implementation, Ifound thatthedecodefunction infugue/rpc/flask.pydirectly usescloudpickle.loadsto deserialize datawithout any sanitization. This creates a...

8.8CVSS6.8AI score0.00635EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.12 views

motionEye vulnerable to RCE via unsanitized motion config parameter

SummaryA command injection vulnerability in MotionEye allows attackers to achieve Remote Code Execution RCE by supplying malicious values in configuration fields exposed via the Web UI. Because MotionEye writes user-supplied values directly into Motion configuration files without sanitization,...

7.2CVSS6.3AI score0.18993EPSS
Exploits17References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Apache Airflow has a command injection vulnerability in "example_dag_decorator"

An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...

7.7CVSS6.2AI score0.00448EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Dosage vulnerable to a Directory Traversal through crafted HTTP responses

ImpactWhen downloadinging comic images, Dosage constructs target file names from different aspects of the remote comic page URL, image URL, page content, etc.. While the basename is properly stripped of directory-traversing characters, the file extension is taken from the HTTP Content-Type header...

8.8CVSS6.1AI score0.00443EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Apache Airflow `/api/v2/dagReports` executes DAG Python in API

API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...

5.4CVSS6.4AI score0.00476EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Agno session state overwrites between different sessions/users

ImpactUnder certain conditions under high concurrency, when sessionstate is passed to an Agent or Team during run or arun calls, a race condition can occur, causing a sessionstate to be assigned and persisted to the incorrect session. This may result in user data from one session being exposed to...

7.1CVSS5.9AI score0.00146EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

OctoPrint vulnerable to XSS in Action Commands Notification and Prompt

ImpactOctoPrint versions up to and including 1.11.3 are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notification and prompt popups generated by the printer.An attacker who successfully convinces a victim to print a specially crafted file...

4.6CVSS5.9AI score0.0015EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

SummaryOpen WebUI v0.6.33 and below contains a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers via Server-Sent Event SSE execute events. This leads to authentication token theft, complet...

8CVSS7AI score0.07874EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE

SummaryThe functionality that inserts custom prompts into the chat window is vulnerable to DOM XSS when 'Insert Prompt as Rich Text' is enabled, since the prompt body is assigned to the DOM sink .innerHtml without sanitisation. Any user with permissions to create prompts can abuse this to plant a...

8.7CVSS6.8AI score0.00467EPSS
Exploits2References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

DSPy does not properly restrict file reads

The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...

5.9CVSS6AI score0.00323EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

cryptidy allows code execution via untrusted data due to pickle.loads

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

8.8CVSS6.4AI score0.00228EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64

AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function encodeimagebs64. Since the encodeimagebs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimac...

7.1CVSS6AI score0.00308EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Byaidu PDFMathTranslate vulnerable to open redirect

An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradioapi endpoint. This vulnerability could be exploited for phishing attacks or ...

6.1CVSS6AI score0.00206EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer

SummaryPrior to langgraph-checkpoint version 3.0 , LangGraph’s JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a remote code execution RCE vulnerability when deserializing payloads saved in the "json" serialization mode.If an attacker can cause your...

7.4CVSS6.9AI score0.00871EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

AstrBot contains a directory traversal vulnerability

AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function installpluginupload of the interface '/plugin/install-upload' parses the filename from the request body provided by the user, and directly uses the filename to assign to filepath without checking the validi...

8.7CVSS5.9AI score0.00754EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode

An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that should have been prevented by read-only restrictions.Impact:Bypasses read-only mode; attackers with read-only access may perform unauthorized...

5.4CVSS6AI score0.00336EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation

Scrapy versions up to 2.13.3 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of...

7.5CVSS5.9AI score0.00509EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.11 views

Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``

SummaryAn unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial‑of‑service for endpoints serving files e.g., StaticFiles or any use of...

7.5CVSS6AI score0.00638EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

CKAN vulnerable to fixed session IDs

ImpactSession ids could be fixed by an attacker if the site is configured with server-side session storage CKAN uses cookie-based session storage by default. The attacker would need to either set a cookie on the victim's browser or steal the victim's currently valid session. Session identifiers a...

6.1CVSS5.7AI score0.00269EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

pypdf can exhaust RAM via manipulated LZWDecode streams

ImpactAn attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. PatchesThis has been fixed in pypdf==6.1.3. WorkaroundsIf you cannot upgrade yet, consider applying the changes from PR...

8.7CVSS5.8AI score0.00402EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

CKAN vulnerable to stored XSS in resource description

ImpactThe helpers.markdownextract function did not perform sufficient sanitization of input data before wrapping in an HTML literal element. This helper is used to render user-provided data on dataset, resource, organization or group pages plus any page provided by an extension that used that...

6.3CVSS5.8AI score0.00204EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

pypdf possibly loops infinitely when reading DCT inline images without EOF marker

ImpactAn attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. PatchesThis has been fixed in pypdf==6.1.3. WorkaroundsIf you cannot upgrade yet, consider applyi...

8.7CVSS5.8AI score0.00402EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

SummaryThe client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. DetailsIt is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...

8.2CVSS6AI score0.00354EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF.This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS6.3AI score0.00239EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name

SummaryA command-injection vulnerability lets any attacker who can influence the servername field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor Details1. generatecursordeeplinkservername, … embeds servername verbatim in a cursor://…?name= query string.2...

7.8CVSS6.2AI score0.00206EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

SummaryLangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization, allowing attackers to inject arbitrary SQL and bypass access controls. Details/langgraph/libs/checkpoint-sqlite/langgraph/store/sqlite/base.pyTh...

7.3CVSS6.1AI score0.00178EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

LangGraph's SQLite store implementation has a SQL Injection Vulnerability

A SQL injection vulnerability exists in the langchain-ai/langgraph repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

7.3CVSS6.1AI score0.00162EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Apache Airflow's create action can upsert existing Pools/Connections/Variables

User with CREATE and no UPDATE privilege for Pools, Connections, Variables could update existing records via bulk create API with overwrite action...

4.6CVSS5.9AI score0.00396EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.13 views

BBOT's gitlab.py exposes globally configured "gitlab" API key

Summarybbot's gitlab.py sends the user's "gitlab" API key to on-premise GitLab instances.If a user has configured a gitlab.com API key using this mechanism, it may be leaked to an attacker-controlled server. ImpactA user with a "gitlab" API key configured who uses bbot to scan a malicious webserv...

4.7CVSS5.9AI score0.00213EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

FastMCP vulnerable to reflected XSS in client's callback page

SummaryWhile setting up an oauth client, it was noticed that the callback page hosted by the client during the flow embeds user-controlled content without escaping or sanitizing it. This leads to a reflected Cross-Site-Scripting vulnerability. DetailsThe affected code is located in...

6.1CVSS6.1AI score0.0025EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

pg8000 SQL injection vulnerability via a specially crafted Python list input

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.6CVSS6.3AI score0.00328EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

MLflow Weak Password Requirements Authentication Bypass Vulnerability

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of passwords. T...

9.8CVSS6AI score0.01492EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.The specific flaw...

9.8CVSS6.5AI score0.27335EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Hugging Face Smolagents XPath injection vulnerability in the search_item_ctrl_f function

Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the searchitemctrlf function located in src/smolagents/visionwebbrowser.py. The function constructs an XPath query by directly concatenating user-supplied input into the XPath expression without proper sanitizatio...

5.4CVSS5.9AI score0.00252EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

python-ldap has sanitization bypass in ldap.filter.escape_filter_chars

SummaryThe sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and the non-default escapemode=1 is configured. DetailsThe method ldap.filter.escapefilterchars supports 3...

6.9CVSS5.9AI score0.00301EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Mammoth is vulnerable to Directory Traversal

Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulnerable to Directory Traversal due to the lack of...

9.3CVSS6.1AI score0.00942EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Authlib : JWE zip=DEF decompression bomb enables DoS

SummaryAuthlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable tokens to exhaust memory and CPU and cause denial of service. Details- Affected component:...

6.5CVSS6AI score0.00418EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Home Assistant has Stored XSS vulnerability in Energy dashboard from Energy Entity Name

SummaryAn authenticated party can add a malicious name to the Energy entity, allowing for Cross-Site Scripting attacks against anyone who can see the Energy dashboard, when they hover over any information point The blue bar in the picture belowAn alternative, and more impactful scenario, is that...

9.3CVSS6.1AI score0.00512EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

llama-index has Insecure Temporary File

The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...

7.8CVSS5.9AI score0.00171EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

python-ldap is Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination

Summaryldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to construct DNs from untrusted input can be made to consistently fail before a request is sent to the LDAP serv...

6.9CVSS6.1AI score0.00427EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Synapse's invalid device keys degrade federation functionality

ImpactLack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. PatchesPatched in Synapse 1.138.3, 1.138.4, 1.139.1...

5.3CVSS5.9AI score0.00434EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

pyLoad CNL and captcha handlers allow Code Injection via unsanitized parameters

SummarypyLoad web interface contained insufficient input validation in both the Captcha script endpoint and the Click'N'Load CNL Blueprint. This flaw allowed untrusted user input to be processed unsafely, which could be exploited by an attacker to inject arbitrary content into the web UI or...

8.1CVSS6.5AI score0.00387EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Authlib is vulnerable to Denial of Service via Oversized JOSE Segments

SummaryAuthlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving...

7.5CVSS6.1AI score0.00596EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

reflex-dev/reflex has an Open Redirect vulnerability

MitigationMake sure GITHUBCODESPACESPORTFORWARDINGDOMAIN is not set in a production environment. So the following is correct:assert os.getenv"GITHUBCODESPACESPORTFORWARDINGDOMAIN" is None Vulnerability Description---Vulnerability Overview - When theGET/auth-codespace page loads in a GitHub...

3.1CVSS6.1AI score0.00236EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Nautobot Single Source of Truth (SSoT) has an unauthenticated ServiceNow configuration URL

The servicenow config URL is using a generic django View with no authentication.URL: /plugins/ssot/servicenow/config/ ImpactWhat kind of vulnerability is it? Who is impacted?An Unauthenticated attacker could access this page to view the Service Now public instance name e.g...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver

SummaryDue to unsafe URL handling, bbot's gitclone.py can be made to leak a user's github.com API key to an attacker-controlled webserver. ImpactA user who has placed their github.com API key in the configuration for any of the following modules: githubcodesearch githubworkflows gitlab gitclone...

4.7CVSS5.9AI score0.00213EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.14 views

Python Social Auth - Django has unsafe account association

ImpactUpon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses. Patches...

6.3CVSS6AI score0.00514EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.15 views

clearml is vulnerable to Path Traversal through its `safe_extract` function

A vulnerability in clearml versions before 2.0.2 allows for path traversal due to improper handling of symbolic and hard links in the safeextract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical files...

5.8CVSS6.7AI score0.00276EPSS
Exploits0References6Affected Software1
Total number of security vulnerabilities7035