Lucene search
K

7044 matches found

PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Salt vulnerable to directory traversal attack in minion file cache creation

Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory...

4.2CVSS5.9AI score0.00266EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Nautobot may allows uploaded media files to be accessible without authentication

ImpactFiles uploaded by users to Nautobot's MEDIAROOT directory, including DeviceType image attachments as well as images attached to a Location, Device, or Rack, are served to users via a URL endpoint that was not enforcing user authentication. As a consequence, such files can be retrieved by...

6.3CVSS5.9AI score0.00383EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Salt has minion event bus authorization bypass vulnerability

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

8.1CVSS6AI score0.00149EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

Salt vulnerable to arbitrary event injection

Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...

8.1CVSS6AI score0.00159EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.18 views

Salt's salt.auth.pki module does not properly authenticate callers

The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...

6.4CVSS5.9AI score0.00132EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Requests vulnerable to .netrc credentials leak via malicious URLs

ImpactDue to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. WorkaroundsFor older versions of Requests, use of the .netrc file can be disabled with trustenv=False on your Requests Session docs...

5.3CVSS5.9AI score0.00845EPSS
Exploits1References14Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint

ImpactOctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint and through that make the web server component become unresponsive. This could be used to effectively run a...

6.5CVSS5.7AI score0.00223EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

OctoPrint vulnerable to possible file extraction via upload endpoints

ImpactOctoPrint versions up until and including 1.11.1 contain a vulnerability that allows an attacker with the FILEUPLOAD permission to exfiltrate files from the host that OctoPrint has read access to, by moving them into the upload folder where they then can be downloaded from.The primary risk...

5.4CVSS5.8AI score0.00256EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Salt allows arbitrary directory creation or file deletion

Arbitrary directory creation or file deletion. In the findfile method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgtenv” variable. This can be exploited by an attacker to delete any file on the Master's process has permissions to...

6.3CVSS5.9AI score0.00143EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin

SummaryAmazon Redshift Python Connector is a pure Python connector to Redshift i.e., driver that implements the Python Database API Specification 2.0.When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate...

7.5CVSS6.1AI score0.00251EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

AstrBot Has Path Traversal Vulnerability in /api/chat/get_file

ImpactThis vulnerability may lead to: Information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. ReproduceFollow these steps to set up a test environment for reproducing the vulnerability:1. Install dependencies and clone the repository: bash pip...

7.5CVSS5.8AI score0.00618EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

LLama-Index CLI OS command injection vulnerability

LLama-Index CLI prior to v0.4.1, corresponding to LLama-Index prior to v0.12.21, contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this...

7.8CVSS7.7AI score0.0103EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

vLLM Tool Schema allows DoS via Malformed pattern and type Fields

SummaryThe vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality is invoked. These inputs are not validated before being compiled or parsed, causing a crash of the inference...

6.5CVSS6AI score0.00449EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking

ImpactInstances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can secret access tokens across requests. This can allow users to access restricted querysets and restricted data. PatchesThe problem has been patched in version 8.4.1 and all following...

8.2CVSS5.8AI score0.00262EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

SignXML's signature verification with HMAC is vulnerable to an algorithm confusion attack

When verifying signatures with X509 certificate validation turned off and HMAC shared secret set signxml.XMLVerifier.verifyrequirex509=False, hmackey=..., prior versions of SignXML are vulnerable to a potential algorithm confusion attack. Unless the user explicitly limits the expected signature...

6.9CVSS5.9AI score0.00192EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

Apache Superset: Improper authorization bypass on row level security via SQL Injection

An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allowed the execution of sub-queries to evade parsing defenses ultimately granting unauthorized access to data.This issue affects Apac...

7.1CVSS6.2AI score0.00642EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

ImpactOn Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users.Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS5.9AI score0.00154EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

HumanSignal label-studio-ml-backend Deserialization of Untrusted Data vulnerability

A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/labelstudioml/examples/yolo/utils/neuralnets.py of the...

7.8CVSS4.9AI score0.00188EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution

A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component runview Object Handler. The manipulation of the argument Query leads to sandbox issue. The attack can be...

9.9CVSS5.4AI score0.0048EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Skyvern has a Jinja runtime leak

Skyvern through 0.2.0 has a Jinja runtime leak in sdk/workflow/models/block.py...

8.5CVSS5.9AI score0.13746EPSS
Exploits6References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

SignXML's signature verification with HMAC is vulnerable to a timing attack

When verifying signatures with X509 certificate validation turned off and HMAC shared secret set signxml.XMLVerifier.verifyrequirex509=False, hmackey=..., prior versions of SignXML are vulnerable to a potential timing attack. The verifier may leak information about the correct HMAC when comparing...

6.9CVSS6AI score0.00199EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

Gradio CORS Origin Validation Bypass Vulnerability

A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function isvalidorigin of the component CORS Handler. The manipulation of the argument localhostaliases leads to origin validation error. It is possible to initiate the attack remotely. Th...

6.3CVSS4.4AI score0.00224EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.5 views

FunAudioLLM InspireMusic deserialization vulnerability

A vulnerability was found in FunAudioLLM InspireMusic up to bf32364bcb0d136497ca69f9db622e9216b029dd. It has been classified as critical. Affected is the function loadstatedict of the file inspiremusic/cli/model.py of the component Pickle Data Handler. The manipulation leads to deserialization. A...

5.3CVSS5.3AI score0.00163EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration

Affected EnvironmentsNote that this issue only affects the V0 engine, which has been off by default since v0.8.0. Further, the issue only applies to a deployment using tensor parallelism across multiple hosts, which we do not expect to be a common deployment pattern.Since V0 is has been off by...

8CVSS6.5AI score0.00502EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store

SummaryLanceDocChatAgent uses pandas eval through computefromdocs:https://github.com/langroid/langroid/blob/18667ec7e971efc242505196f6518eb19a0abc1c/langroid/vectorstore/base.pyL136-L150As a result, an attacker may be able to make the agent run malicious commands through QueryPlan.dataframecalc...

9.8CVSS5.9AI score0.00482EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

LlamaIndex Vulnerable to Denial of Service (DoS)

A Denial of Service DoS vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llamaindex project, affecting version latestv0.12.15. The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the maxdepth...

7.5CVSS5.8AI score0.00438EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Flask uses fallback key instead of current signing key

In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key.Signing is provided by the itsdangerous library. A list of keys can be passed, and it expects the last top key in the list to be the most...

1.8CVSS6AI score0.0016EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

Apache Superset Allows Ownership Takeover

Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions.This issue affects Apache Superset: through 4.1.1.Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue...

8.8CVSS6.1AI score0.00972EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

Flask-AppBuilder open redirect vulnerability using HTTP host injection

ImpactFlask-AppBuilder prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. PatchesFlask-AppBuilder 4.6.2 introduced the FABSAFEREDIRECTHOSTS configuration variable, which allows administrators to explicitly...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

docarray prototype pollution

A vulnerability was found in docarray up to 0.40.1. It has been rated as critical. Affected by this issue is the function getitem of the file /docarray/data/torchdataset.py of the component Web API. The manipulation leads to improperly controlled modification of object prototype attributes...

8.8CVSS5.4AI score0.00563EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.8 views

Vyper's `slice()` may elide side-effects when output length is 0

Impactthe slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is...

6.3CVSS5.9AI score0.00399EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

Tornado vulnerable to excessive logging caused by malformed multipart form data

SummaryWhen Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the...

7.5CVSS6AI score0.00672EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.4 views

Vyper's `concat()` builtin may elide side-effects for zero-length arguments

Impactconcat may skip evaluation of side effects when the length of an argument is zero. this is due to a fastpath in the implementation which skips evaluation of argument expressions when their length is...

6.3CVSS6AI score0.00386EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

Vulnerable MobSF Versions: = v4.3.2Details:MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications...

6.8CVSS6AI score0.00411EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

Rasa Pro Missing Authentication For Voice Connector APIs

VulnerabilityA vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the credentials.yml file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticated...

6.5CVSS5.9AI score0.00429EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

AWorld OS Command Injection vulnerability

A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e. It has been rated as critical. This issue affects the function subprocess.run/subprocess.Popen of the file AWorld/aworld/virtualenvironments/terminals/shelltool.py. The manipulation leads to os command...

8.1CVSS5AI score0.03164EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Transformers Regular Expression Denial of Service (ReDoS) vulnerability

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

6.5CVSS5.9AI score0.00384EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

markdownify allows large headline prefixes such as <h9999999>, which causes memory consumption

python-markdownify aka markdownify before 0.14.1 allows large headline prefixes such as in addition to through . This causes memory consumption...

3.3CVSS5.9AI score0.00181EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload

Vulnerable MobSF Versions: = v4.3.2CVSS V4.0 Score: 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:NDetails:A Stored Cross-Site Scripting XSS vulnerability has been identified in MobSF versions ≤ 4.3.2. The vulnerability arises from improper sanitization of user-supplied SVG...

8.6CVSS5.9AI score0.00251EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.9 views

Langroid Allows XXE Injection via XMLToolMessage

SummaryA LLM application leveraging XMLToolMessage class may be exposed to untrusted XML input that could result in DoS and/or exposing local files with sensitive information. DetailsXMLToolMessage uses lxml without...

9.1CVSS5.9AI score0.00545EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

phi4mm: Quadratic Time Complexity in Input Token Processing​ leads to denial of service

SummaryA critical performance vulnerability has been identified in the input preprocessing logic of the multimodal tokenizer. The code dynamically replaces placeholder tokens e.g., , with repeated tokens based on precomputed lengths. Due to ​​inefficient list concatenation operations​​, the...

7.5CVSS5.9AI score0.00426EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

LLaMA-Factory Allows Arbitrary Code Execution via Unsafe Deserialization in Ilamafy_baichuan2.py

DescriptionA critical vulnerability exists in the llamafybaichuan2.py script of the LLaMA-Factory project. The script performs insecure deserialization using torch.load on user-supplied .bin files from an input directory. An attacker can exploit this behavior by crafting a malicious .bin file tha...

7.8CVSS6.3AI score0.00232EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Data exposure via ZeroMQ on multi-node vLLM deployment

ImpactIn a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-node communication purposes. The primary vLLM host opens an XPUB ZeroMQ socket and binds it to ALL interfaces. While the socket is always opened for a multi-node deployment, it is only used when doing tensor parallelism across...

7.5CVSS6.2AI score0.00505EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Crawl4AI SSRF vulnerability

Crawl4AI =0.4.247 is vulnerable to SSRF in /crawl4ai/asyncdispatcher.py...

9.1CVSS5.9AI score0.00323EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.6 views

PyTorch Improper Resource Shutdown or Release vulnerability

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

5.5CVSS4.6AI score0.00287EPSS
Exploits1References11Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"

OverviewOn many platforms, a third party can create a Git repository under a name that includes a shell command substitution ^1 string in the syntax $. These directory names are allowed in macOS and a majority of Linux distributions ^2. If a user starts jupyter-lab in a parent directory of this...

7.4CVSS6.5AI score0.00557EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

Apache Airflow Common SQL Provider Vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Airflow Common SQL Provider.When using the partition clause in SQLTableCheckOperator as parameter which was a recommended pattern, Authenticated UI User could inject arbitrary SQL command wh...

8.8CVSS6.2AI score0.00833EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

InternLM LMDeploy code injection vulnerability

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has...

7.8CVSS5.4AI score0.00338EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

AWS SAM CLI Path Traversal allows file copy to build container

SummaryThe AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker.When running the AWS SAM CLI build process with Docker and symlinks are included ...

6.9CVSS6AI score0.00724EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2026/07/07 4:2 p.m.7 views

LMDeploy Improper Input Validation Vulnerability

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function loadweightckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler. The manipulation leads to deserialization. Attacking locally is a requirement...

7.8CVSS5.3AI score0.003EPSS
Exploits1References9Affected Software1
Total number of security vulnerabilities7044