Lucene search
K

7044 matches found

PyPA
PyPA
added 2026/07/07 4:3 p.m.16 views

Python Social Auth - Django has unsafe account association

ImpactUpon authentication, the user could be associated by e-mail even if the associatebyemail pipeline was not included. This could lead to account compromise when a third-party authentication service does not validate provided e-mail addresses or doesn't require unique e-mail addresses. Patches...

6.3CVSS6AI score0.00514EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

python-ldap is Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination

Summaryldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to construct DNs from untrusted input can be made to consistently fail before a request is sent to the LDAP serv...

6.9CVSS6.1AI score0.00427EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Hugging Face Smolagents XPath injection vulnerability in the search_item_ctrl_f function

Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the searchitemctrlf function located in src/smolagents/visionwebbrowser.py. The function constructs an XPath query by directly concatenating user-supplied input into the XPath expression without proper sanitizatio...

5.4CVSS5.9AI score0.00252EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Nautobot Single Source of Truth (SSoT) has an unauthenticated ServiceNow configuration URL

The servicenow config URL is using a generic django View with no authentication.URL: /plugins/ssot/servicenow/config/ ImpactWhat kind of vulnerability is it? Who is impacted?An Unauthenticated attacker could access this page to view the Service Now public instance name e.g...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

reflex-dev/reflex has an Open Redirect vulnerability

MitigationMake sure GITHUBCODESPACESPORTFORWARDINGDOMAIN is not set in a production environment. So the following is correct:assert os.getenv"GITHUBCODESPACESPORTFORWARDINGDOMAIN" is None Vulnerability Description---Vulnerability Overview - When theGET/auth-codespace page loads in a GitHub...

3.1CVSS6.1AI score0.00236EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Authlib : JWE zip=DEF decompression bomb enables DoS

SummaryAuthlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable tokens to exhaust memory and CPU and cause denial of service. Details- Affected component:...

6.5CVSS6AI score0.00418EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

python-ldap has sanitization bypass in ldap.filter.escape_filter_chars

SummaryThe sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and the non-default escapemode=1 is configured. DetailsThe method ldap.filter.escapefilterchars supports 3...

6.9CVSS5.9AI score0.00301EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

llama-index has Insecure Temporary File

The llamaindex library version 0.12.33 sets the NLTK data directory to a subdirectory of the codebase by default, which is world-writable in multi-user environments. This configuration allows local users to overwrite, delete, or corrupt NLTK data files, leading to potential denial of service, dat...

7.8CVSS5.9AI score0.00171EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

ZenML is vulnerable to Path Traversal through its `PathMaterializer` class

ZenML version 0.83.1 is affected by a path traversal vulnerability in the PathMaterializer class. The load function uses ispathwithindirectory to validate files during data.tar.gz extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file...

7.8CVSS6.2AI score0.00334EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

LLaMA Factory's Chat API Contains Critical SSRF and LFI Vulnerabilities

Summary A Server-Side Request Forgery SSRF vulnerability in the chat API allows any authenticated user to force the server to make arbitrary HTTP requests to internal and external networks. This can lead to the exposure of sensitive internal services, reconnaissance of the internal network, or...

8.1CVSS6.1AI score0.0035EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders

ImpactCWE-20: Improper Input ValidationLow impact PatchesPatched in v7.1.8 commit https://github.com/mondeja/mkdocs-include-markdown-plugin/commit/7466d67aa0de8ffbc427204ad2475fed07678915 WorkaroundsNo...

6.5CVSS5.9AI score0.00318EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing

The HTMLSectionSplitter class in langchain-text-splitters is vulnerable to XML External Entity XXE attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse and lxml.etree.XSLT without any...

7.5CVSS6AI score0.00604EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

DataChain Vulnerable to Deserialization of Untrusted Data from Environment Variables

The DataChain library reads serialized objects from environment variables such as DATACHAINMETASTORE and DATACHAINWAREHOUSE in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads...

2.5CVSS6.4AI score0.0015EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.10 views

vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server

SummaryA resource-exhaustion denial-of-service vulnerability exists in multiple endpoints of the OpenAI-Compatible Server due to the ability to specify Jinja templates via the chattemplate and chattemplatekwargs parameters. If an attacker can supply these parameters to the API, they can cause a...

6.5CVSS6.1AI score0.00207EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

SummaryA remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which the attacker previously gained access to the message queue that the servers use...

6.4CVSS7AI score0.00446EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

SPDK is vulnerable to buffer overflow in the NVMe-oF target component

Storage Performance Development Kit SPDK 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf...

5.5CVSS5.9AI score0.00305EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

vLLM is vulnerable to timing attack at bearer auth

SummaryThe API key support in vLLM performed validation using a method that was vulnerable to a timing attack. This could potentially allow an attacker to discover a valid API key using an approach more efficient than brute force...

7.5CVSS6AI score0.00532EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

NiceGUI has a Reflected XSS

SummaryA Cross-Site Scripting XSS risk exists in NiceGUI when developers render unescaped user input into the DOM using ui.html. Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input with ui.html without escapi...

6.1CVSS6.5AI score0.00188EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Litestar X-Forwarded-For Header Spoofing Vulnerability Enables Rate Limit Evasion

While testing Litestar's RateLimitMiddleware, I discovered that rate limits can be completely bypassed by manipulating the X-Forwarded-For header. This renders IP-based rate limiting ineffective against determined attackers. The ProblemLitestar's RateLimitMiddleware uses cachekeyfromrequest to...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class

SummaryA Server-Side Request Forgery SSRF vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurlasync methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows ...

7.1CVSS5.8AI score0.00231EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.17 views

clearml is vulnerable to Path Traversal through its `safe_extract` function

A vulnerability in clearml versions before 2.0.2 allows for path traversal due to improper handling of symbolic and hard links in the safeextract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical files...

5.8CVSS6.7AI score0.00276EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Django vulnerable to partial directory traversal via archives

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...

6.5CVSS6AI score0.0085EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Llama Stack could potentially allow for remote code execution

Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolveastbytype function which could potentially allow for remote code execution...

5.3CVSS6.2AI score0.0047EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

JupyterLab LaTeX typesetter links did not enforce `noopener` attribute

Links generated with LaTeX typesetters in Markdown files and Markdown cells in JupyterLab and Jupyter Notebook did not include the noopener attribute.This is deemed to have no impact on the default installations. Theoretically users of third-party LaTeX-rendering extensions could find themselves...

4.3CVSS6AI score0.0021EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

SummaryAuthlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header for example, bork or cnf that strict verifiers reject but Authlib accepts. In...

7.5CVSS6AI score0.00244EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

ml-logger file handler allows reading arbitrary files

A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...

6.9CVSS5.5AI score0.0034EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

llama-index-core insecurely handles temporary files

The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...

7.3CVSS5.9AI score0.00134EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Hugging Face Transformers library has Regular Expression Denial of Service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...

5.3CVSS6.1AI score0.00349EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

ml-logger has path traversal in the file argument

A vulnerability was identified in geyang ml-logger 0.10.36 and prior. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit is publicly...

7.5CVSS5.8AI score0.00558EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

mcp-kubernetes-server has a Command Injection vulnerability

mcp-kubernetes-server does not correctly enforce the --disable-write / --disable-delete protections when commands are chained. The server only inspects the first token to decide whether an operation is write/delete, which allows a read-like command to be followed by a write action using shell...

5.3CVSS6.2AI score0.00281EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

pip's fallback tar extraction doesn't check symbolic links point to extraction directory

When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python versi...

5.9CVSS5.9AI score0.00438EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

7.5CVSS5.9AI score0.00467EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

ml-logger deserialization vulnerability

A vulnerability was determined in geyang ml-logger 0.10.36 and prior. Affected is the function loghandler of the file mllogger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack remotely. The exploit has be...

6.5CVSS5.6AI score0.00288EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods

ImpactWhen Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create J...

6.5CVSS5.9AI score0.00376EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

xml2rfc is vulnerable to arbitrary file reads through prepped files

ImpactWhen generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the prepped RFCXML. WorkaroundsTest untrusted input with link elements with rel="attachment" before processing. ReferencesThis is related to...

8.7CVSS6AI score0.00278EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload

ImpactOctoPrint versions up until and including 1.11.2 contain a vulnerability that allows an authenticated attacker to upload a file under a specially crafted filename that will allow arbitrary command execution if said filename becomes included in a command defined in a system event handler and...

8.8CVSS6AI score0.19313EPSS
Exploits4References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

copyparty: Sharing a single file does not fully restrict access to other files in source folder

There was a missing permission-check in the shares feature the shr global-option.When a share is created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames.It was not possible to descend into subdirectories in this manner; onl...

7.5CVSS6AI score0.00344EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer

A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically affecting the MarianTokenizer's removelanguagecode method. This vulnerability is present in version 4.52.4 and has been fixed in version 4.53.0. The issue arises from...

7.5CVSS5.9AI score0.00483EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

PyInstaller has local privilege escalation vulnerability

ImpactDue to a special entry being appended to sys.path during the bootstrap process of a PyInstaller-frozen application, and due to the bootstrap script attempting to load an optional module for bytecode decryption while this entry is still present in sys.path, an application built with...

7CVSS6.5AI score0.00114EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Neo4j Cypher MCP server is vulnerable to DNS rebinding

ImpactDNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS6AI score0.00206EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Fides Webserver API is Vulnerable to OAuth Client Privilege Escalation

SummaryThe OAuth client creation and update endpoints of the Fides Webserver API do not properly authorize scope assignment. This allows highly privileged users with client:create or client:update permissions to escalate their privileges to owner-level. DetailsWhen creating or updating OAuth...

8.6CVSS6AI score0.00392EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.6 views

Infrahub: Deleted and expired API tokens can still authenticate

ImpactA bug in the authentication logic will cause API tokens that were deleted and/or expired to be considered valid. This means that any API token that is associated with an active user account can authenticate successfully. PatchesThis issue is fixed in versions 1.3.9 and 1.4.5 WorkaroundsUser...

5.5CVSS5.9AI score0.00177EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Indico may disclose unauthorized user details access via legacy API

ImpactA legacy API to retrieve user details could be misused to retrieve profile details of other users without having admin permissions due to a broken access check. PatchesYou should to update to Indico 3.3.8 as soon as possible.See the docs for instructions on how to update. WorkaroundsIt is...

4.3CVSS6AI score0.00235EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Indico vulnerable to Cross-Site Scripting via LaTeX math code

ImpactThere is a Cross-Site-Scripting vulnerability when rendering LaTeX math code in contribution or abstract descriptions. PatchesYou should to update to Indico 3.3.8 as soon as possible.See the docs for instructions on how to update. WorkaroundsOnly let trustworthy users create content on...

5.4CVSS6.1AI score0.00189EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

SGLang Remote Code Execution Vulnerability via Unsafe Deserialization in update_weights_from_tensor

A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...

7.5CVSS5.6AI score0.00376EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

xgrammar vulnerable to denial of service by huge enum grammar

SummaryProvided grammar, would fit in a context window of most of the models, but takes minutes to process in 0.1.23. In testing with 0.1.16 the parser worked fine so this seems to be a regression caused by Earley parser. DetailsFull reproducer provider in the POC section. The resulting grammar i...

7.5CVSS5.9AI score0.00495EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.9 views

Fides Webserver API Rate Limiting Vulnerability in Proxied Environments

SummaryThe Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs rather than client IPs, and stores counters in-memory rather than in a...

7.5CVSS5.9AI score0.00406EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.8 views

Fides' Admin UI User Password Change Does Not Invalidate Current Session

SummaryAdmin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS can maintain access even after password reset. This issue is not directly...

6.3CVSS5.8AI score0.00275EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.14 views

Weblate has a long session expiry when verifying second factor

ImpactThe verification of the second factor had too long a session expiry. The long session expiry could be used to circumvent rate limiting of the second factor. PatchesThis issue has been addressed in Weblate 5.13.1 via https://github.com/WeblateOrg/weblate/pull/16002. ReferencesThanks to Nahid...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:3 p.m.7 views

Fides has a Lack of Brute-Force Protections on Authentication Endpoints

SummaryThe Fides Admin UI login endpoint relies on a general IP-based rate limit for all API traffic and lacks specific anti-automation controls designed to protect against brute-force attacks. This could allow attackers to conduct credential testing attacks, such as credential stuffing or passwo...

6.5CVSS5.9AI score0.00277EPSS
Exploits0References7Affected Software1
Total number of security vulnerabilities7044