Lucene search
+L

7044 matches found

PyPA
PyPA
added 2026/02/21 10:16 a.m.2 views

PYSEC-2026-2271

Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE endpoints are unauthenticated by default. If the dashboard/agent is reachable e.g., --dashboard-host=0.0.0.0, a web page via DNS rebinding o...

6.5CVSS6.1AI score0.00256EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/21 6:17 a.m.2 views

PYSEC-2026-2320

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

6.3CVSS6AI score0.00556EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2026/02/21 6:17 a.m.2 views

PYSEC-2026-2151

Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs caches not to cache...

4.3CVSS6AI score0.00374EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/02/19 5:24 p.m.12 views

PYSEC-2026-163

Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability in versions prior to 1.39.4, specifically within the InMemoryVectorStore filter functionality. The problem has been fixed in version python-1.39.4. Users should upgrade this version or higher. As a...

9.9CVSS6.4AI score0.02914EPSS
Exploits2References3Affected Software1
PyPA
PyPA
added 2026/02/19 4:27 p.m.3 views

PYSEC-2026-2182

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10 are vulnerable to cross-site scripting when uploading certain file types as materials. Users should upgrade to version 3.3.10 to receive a patch. To apply the...

5.4CVSS6AI score0.00161EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/02/19 4:27 p.m.3 views

PYSEC-2026-2181

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10 are vulnerable to server-side request forgery. Indico makes outgoing requests to user-provides URLs in various places. This is mostly intentional and part of...

6.9CVSS6.1AI score0.00189EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/02/19 3:16 p.m.3 views

PYSEC-2026-2124

changedetection.io is a free open source web page change detection tool. In versions prior to 0.53.2, the /static// route accepts group="..", which causes sendfromdirectory"static/..", filename to execute. This moves the base directory up to /app/changedetectionio, enabling unauthenticated local...

5.3CVSS6.1AI score0.00917EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/02/19 12:16 a.m.2 views

PYSEC-2026-2309

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to ssh-add. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management...

9.1CVSS6.1AI score0.00447EPSS
Exploits3References3Affected Software1
PyPA
PyPA
added 2026/02/18 6:24 p.m.12 views

PYSEC-2026-96

A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in nltk/downloader.py uses zipfile.extractall without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when...

10CVSS7.8AI score0.0079EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/02/18 11:16 a.m.11 views

PYSEC-2026-5

A security flaw has been discovered in admesh up to 0.98.5. This issue affects the function stlchecknormalvector of the file src/normals.c. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the...

7.8CVSS6AI score0.00241EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added 2026/02/17 2:16 p.m.52 views

PYSEC-2026-113

Use After Free vulnerability in Apache Arrow C++.This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

7CVSS5.6AI score0.00807EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/16 11:15 a.m.8 views

PYSEC-2026-110

Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained two security-relevant bugs: It was possible to exfiltrate information...

9CVSS5.8AI score0.00243EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/02/16 4:15 a.m.13 views

PYSEC-2026-91

A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clearfilename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The...

7.3CVSS6AI score0.00226EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/02/13 12:16 p.m.11 views

PYSEC-2026-26

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas.This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version1.12.0.Users are recommended to upgrade to version 1.12.1 or...

7.3CVSS7.2AI score0.00602EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/02/12 11:16 p.m.12 views

PYSEC-2026-57

DokuWiki 2018-04-22b contains a username enumeration vulnerability in its password reset functionality that allows attackers to identify valid user accounts. Attackers can submit different usernames to the password reset endpoint and distinguish between existing and non-existing accounts by...

6.9CVSS5.8AI score0.00407EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/12 4:16 p.m.15 views

PYSEC-2026-33

Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec. The import builtin was included in the allowed builtins, allowing unauthenticated remote...

10CVSS6.6AI score0.01589EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/02/12 4:16 p.m.13 views

PYSEC-2026-34

Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can...

9.2CVSS6AI score0.00609EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/02/11 9:16 p.m.2 views

PYSEC-2026-2249

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...

8.6CVSS6.7AI score0.00367EPSS
Exploits1References25Affected Software1
PyPA
PyPA
added 2026/02/10 10:17 p.m.2 views

PYSEC-2026-2141

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS6.7AI score0.00341EPSS
Exploits0References26Affected Software1
PyPA
PyPA
added 2026/02/09 8:15 p.m.2 views

PYSEC-2026-2195

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, CORSConfig.allowedoriginsregex is constructed using a regex built from configured allowlist values and used with fullmatch for validation. Because metacharacters are not escaped, a malicious origin can match...

7.4CVSS6.1AI score0.00383EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/09 8:15 p.m.2 views

PYSEC-2026-2197

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, FileStore maps cache keys to filenames using Unicode NFKD normalization and ord substitution without separators, creating key collisions. When FileStore is used as response-cache backend, an unauthenticated remo...

6.5CVSS6.1AI score0.00412EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/09 8:15 p.m.2 views

PYSEC-2026-2196

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, in litestar.middleware.allowedhosts, allowlist entries are compiled into regex patterns in a way that allows regex metacharacters to retain special meaning e.g., . matches any character. This enables a bypass...

6.5CVSS6.1AI score0.00316EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/09 11:16 a.m.12 views

PYSEC-2026-12

Apache Airflow versions 3.0.0 - 3.1.7, has vulnerability that allows authenticated UI users with permission to one or more specific Dags to view import errors generated by other Dags they did not have access to. Users are advised to upgrade to 3.1.7 or later, which resolves this issue...

6.5CVSS5.8AI score0.00739EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/09 11:16 a.m.13 views

PYSEC-2026-11

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this...

6.5CVSS5.8AI score0.00382EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/06 10:16 p.m.2 views

PYSEC-2026-2231

NiceGUI is a Python-based UI framework. The ui.markdown component uses the markdown2 library to convert markdown content to HTML, which is then rendered via innerHTML. By default, markdown2 allows raw HTML to pass through unchanged. This means that if an application renders user-controlled conten...

6.1CVSS6.1AI score0.00241EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/02/06 10:16 p.m.13 views

PYSEC-2026-95

NiceGUI is a Python-based UI framework. Prior to 3.7.0, NiceGUI's FileUpload.name property exposes client-supplied filename metadata without sanitization, enabling path traversal when developers use the pattern UPLOADDIR / file.name. Malicious filenames containing ../ sequences allow attackers to...

7.5CVSS6.5AI score0.03212EPSS
Exploits3References3Affected Software1
PyPA
PyPA
added 2026/02/06 8:16 p.m.10 views

PYSEC-2026-74

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security TLS authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...

9.8CVSS5.7AI score0.05431EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2026/02/03 3:16 p.m.12 views

PYSEC-2026-46

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.FilteredRelation is subject to SQL injection in column aliases via control characters, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet methods annotate, aggregate...

5.4CVSS7.3AI score0.00754EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/03 3:16 p.m.11 views

PYSEC-2026-44

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter.Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluated...

5.4CVSS7.4AI score0.09436EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/03 3:16 p.m.11 views

PYSEC-2026-45

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatecharshtml and truncatewordshtml template filters allow a remote attacker to cause a potential denial-of-service via...

7.5CVSS7.1AI score0.00993EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/03 3:16 p.m.14 views

PYSEC-2026-47

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28..QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation.Earlier,...

5.4CVSS7.3AI score0.00802EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/02/03 3:16 p.m.10 views

PYSEC-2026-42

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsgi allows remote attackers to enumerate users via a timing attack.Earlier, unsupported Django series such as 5.0.x,...

5.3CVSS5.8AI score0.00713EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/03 3:16 p.m.11 views

PYSEC-2026-43

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.ASGIRequest allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers.Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not...

7.5CVSS7.1AI score0.00993EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/02/02 11:16 p.m.13 views

PYSEC-2026-138

A stored cross-site scripting XSS vulnerability in the Forums module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4CVSS5.9AI score0.00235EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/02/02 11:16 p.m.12 views

PYSEC-2026-137

A stored cross-site scripting XSS vulnerability in the Jobs module of Tendenci CMS v15.3.7 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

5.4CVSS5.9AI score0.00235EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/01/30 11:16 p.m.14 views

PYSEC-2026-115

OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting XSS attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...

6.1CVSS6AI score0.00345EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/01/30 11:16 p.m.11 views

PYSEC-2026-114

OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...

7.5CVSS7.4AI score0.0098EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/01/30 7:16 p.m.13 views

PYSEC-2026-62

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

8.6CVSS5.8AI score0.00385EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2026/01/28 9:9 p.m.16 views

A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able toupload a malicious version 1.1.5.post1 of the dydx-v4-client package.This version contains a highly obfuscated multi-stage loaderthat ultimately executes malicious code on the host system.While the final payload is not visible because ...

5.8AI score
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/01/28 6:16 p.m.12 views

PYSEC-2026-136

Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during export. Attackers can submit crafted payloads like '=10+20+cmd|' /C calc'!A0' in the message field to trigger arbitrary command execution when...

9.8CVSS6AI score0.10683EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2026/01/27 10:15 p.m.2 views

PYSEC-2026-2286

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

8.8CVSS6.9AI score0.00695EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added 2026/01/22 5:16 p.m.11 views

PYSEC-2026-107

The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents...

7.5CVSS5.8AI score0.0055EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2026/01/21 6:16 p.m.14 views

PYSEC-2026-102

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata...

7.5CVSS5.8AI score0.00362EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/01/21 6:16 p.m.20 views

PYSEC-2026-101

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder...

7.5CVSS5.8AI score0.04549EPSS
Exploits1References2Affected Software1
PyPA
PyPA
added 2026/01/20 12:15 a.m.4 views

PYSEC-2026-598

Chainlit versions prior to 2.9.4 contain an arbitrary file read vulnerability in the /project/element update flow. An authenticated client can send a custom Element with a user-controlled path value, causing the server to copy the referenced file into the attacker’s session. The resulting element...

7.1CVSS6.2AI score0.08843EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2026/01/16 5:15 p.m.14 views

PYSEC-2026-169

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2026/01/16 11:16 a.m.12 views

PYSEC-2026-10

In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treated as sensitive by default and therefore were not automatically masked in log output. As a result,...

7.5CVSS6AI score0.01979EPSS
Exploits0References4Affected Software1
PyPA
PyPA
added 2026/01/16 11:16 a.m.12 views

PYSEC-2026-9

In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed coremaxtemplatedfieldlength, sensitive values could be exposed in cleartext in the Rendered Templates UI. This occurred because serialization of those fields used a secrets masker instance that did not include...

7.5CVSS5.8AI score0.00586EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2026/01/15 2:16 p.m.38 views

PYSEC-2026-73

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading componentin GoogleKeras3.0.0 through 3.13.0on all platformsallows a remote attackerto cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpretervia a crafted .keras archive containin...

7.5CVSS6.8AI score0.00299EPSS
Exploits3References2Affected Software1
PyPA
PyPA
added 2026/01/12 11:15 p.m.14 views

PYSEC-2026-86

LlamaIndex run-llama/llamaindex versions up to and including 0.12.2 contain an uncontrolled resource consumption vulnerability in the VannaPack VannaQueryEngine implementation. The customquery logic generates SQL statements from a user-supplied prompt and executes them via vn.runsql without...

8.7CVSS5.9AI score0.00568EPSS
Exploits1References4Affected Software1
Total number of security vulnerabilities7044