Lucene search
K

7035 matches found

PyPA
PyPA
•added yesterday•5 views

Granian vulnerable to DoS via WSGI response header panic

SummaryGranian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malformed output from the application becomes a process abort instead of a...

5.9CVSS6.1AI score0.00222EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added yesterday•5 views

OpenStack Ironic has an Incorrect Resource Transfer Between Spheres

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

7.7CVSS6.1AI score0.0044EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•4 views

Ethyca Fides has a Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection

SummaryFides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was never verified. For erasure policies, this can result in unauthorized deletion...

6.1CVSS6AI score0.00313EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added yesterday•5 views

ciguard: discover_pipeline_files follows symlinks out of scan root

SummaryThe discoverpipelinefiles function in src/ciguard/discovery.py introduced in v0.8.0 and used by the MCP scanrepo tool shipped in v0.8.1 walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory t...

3.2CVSS6.1AI score0.00158EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•3 views

ciguard: Container image runs as root (no USER directive)

SummaryThe published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactful...

3CVSS6.1AI score0.00122EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•4 views

PyLoad vulnerable to unauthenticated traceback disclosure via global exception handler in WebUI

Summarypyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions.Because /web/ is reachable without authentication and renders attacker-controlled template names, an unauthenticated user can reliably trigger a server exception for example by requesting a non-existen...

5.3CVSS6.1AI score0.00336EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added yesterday•4 views

Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

SummaryA ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE allows an attacker who can supply Markdown for parsing to cause denial of service. A crafted 58-byte Markdown document blocks the parser for approximately 6 seconds measured on Apple M2, Python 3.14.3, with exponenti...

8.7CVSS6.2AI score0.00481EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•3 views

Paramiko rsakey.py allows the SHA-1 algorithm

In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm...

3.4CVSS6.4AI score0.00114EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•3 views

vLLM Vulnerable to Remote DoS via Special-Token Placeholders

SummaryThis report explains a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder sequences supplied without matching data cause vLLM to index into empty grids during...

7.5CVSS6.2AI score0.00414EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added yesterday•4 views

ciguard: SCA HTTP client reads response body without size cap

SummaryBoth SCA HTTP clients src/ciguard/analyzer/sca/osv.py and src/ciguard/analyzer/sca/endoflife.py call payload = json.loadsresp.read.decode'utf-8' without a maximum-bytes cap. A hostile or compromised endoflife.date / OSV.dev or a successful TLS MITM could return a multi-GB response,...

6.3CVSS6.2AI score0.00301EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•4 views

PPTAgent: Arbitrary File Write + Directory Creation via markdown_table_to_image

SummaryThe markdowntabletoimage tool accepts a caller-controlled path parameter and passes it directly to gethtmltableimage:python pptagent/mcpserver.py:127-143def markdowntabletoimagemarkdowntable: str, path: str, css: str - str: """ Args: path str: The file path where the image will be saved ""...

4.6CVSS6.1AI score0.00198EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•2 views

PPTAgent: Arbitrary File Write via `save_generated_slides`

Summary This vulnerability has been fixed in https://github.com/icip-cas/PPTAgent/commit/418491a9a1c02d9d93194b5973bb58df35cf9d00.The savegeneratedslides MCP tool accepts a pptxpath argument and writes the generated PPTX file to that path without any workspace restriction or path validation:pytho...

4.6CVSS6.1AI score0.00198EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•8 views

requests-hardened is Vulnerable to Server-Side Request Forgery

The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...

6.5CVSS6.2AI score0.00305EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•3 views

wireshark-mcp vulnerable to arbitrary file write via export_objects when WIRESHARK_MCP_ALLOWED_DIRS is not configured

Description Impactwireshark-mcp exposes a wiresharkexportobjects MCP tool that accepts an attacker-controlled destdir parameter and passes it to tshark's --export-objects flag with no mandatory path restriction.The path sandbox alloweddirs is None by default and only activates when the environmen...

6.8CVSS6.2AI score0.00281EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added yesterday•3 views

PPTAgent: Arbitrary Code Execution via Python eval() of LLM-Generated Code with Builtins in Scope

Summary This vulnerability has been fixed in https://github.com/icip-cas/PPTAgent/commit/418491a9a1c02d9d93194b5973bb58df35cf9d00.CodeExecutor.executeactions pptagent/apis.py:126-205 processes LLM-generated slide editing actions using Python's eval: python pptagent/apis.py:184-186partialfunc =...

8.6CVSS6.3AI score0.00144EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•4 views

OpenStack Horizon has Incorrect Behavior Order

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS6.1AI score0.00365EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•6 views

Langchain-Chatchat Uses Insufficiently Random Values

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

2.6CVSS5.3AI score0.00235EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•5 views

Microdot has HTTP response splitting in Response.set_cookie()

ImpactThe Response.setcookie method does not sanitize its string arguments, and in particular will not detect the presence of the \r\n sequence in them. This can be a potential source of header injection attacks.For a header injection attack through this issue to be possible, an attacker must fir...

3.7CVSS6.1AI score0.00215EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•4 views

Pillow has a PDF Parsing Trailer Infinite Loop (DoS)

ImpactAn attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. PatchesPatched version: 12.2.0.PdfParser introduced in Pillow 4.2.0 follows Prev pointers in PDF trailers to read cross-reference sections. If...

5.5CVSS6.9AI score0.00126EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•4 views

IKUS Rdiffweb allows an attacker with any valid or stolen access token to act as other users

IKUS Rdiffweb version 2.10.5 and below have an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify...

8.1CVSS6.1AI score0.00245EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added yesterday•5 views

Langchain-Chatchat Uses a Broken or Risky Cryptographic Algorithm

A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...

2.6CVSS5.5AI score0.0014EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•4 views

Langchain-Chatchat has a Race Condition in its OpenAI-Compatible File Upload API

A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component OpenAI-Compatible File Upload API. Such manipulation of the argument file.filename leads to...

2.6CVSS5.4AI score0.00162EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•4 views

Prefect Git Argument Injection in GitRepository Pull Steps

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS6.3AI score0.00247EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added yesterday•4 views

mem0ai mem0 has an Improper Input Validation Issue

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.5CVSS6.2AI score0.00315EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added yesterday•4 views

MindsDB has an Improper Access Control Issue

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS6.6AI score0.00284EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•4 views

Prefect Unauthenticated Event Injection via /api/events/in WebSocket

A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication. The attack may be performed from remote. The exploit has been published and may be...

7.5CVSS6.4AI score0.00421EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added yesterday•4 views

Prefect Auth Bypass via endswith() Health Check Exemption

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

6.9CVSS5.8AI score0.00453EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added yesterday•3 views

pyp2spec is Vulnerable to Code Injection

Impactpyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, so a malicious package can execute arbitrary commands on the build machine.The macro...

7.8CVSS6.3AI score0.00197EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•4 views

SGLang has an Improper Input Validation/Injection Issue

A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A hi...

6.3CVSS5.8AI score0.00368EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•3 views

Prefect SSRF Bypass via DNS Rebinding in validate_restricted_url

A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validaterestrictedurl of the component Webhook/Notification. The manipulation leads to time-of-check time-of-use. It is possible to initiate the attack remotely. The attack is...

5CVSS5.4AI score0.0025EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added yesterday•3 views

mcpo-simple-server has a Path Traversal issue

A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function deletesharedprompt of the file src/mcposimpleserver/services/promptmanager/basemanager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate t...

7.5CVSS6.7AI score0.00512EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•5 views

Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS

ImpactA stored Cross-Site Scripting XSS vulnerability in Jupyter Notebook allows attackers to steal authentication tokens from users who open malicious notebook files and interact with elements that the attacker can make look indistinguishable from legitimate controls single click interaction.The...

8.4CVSS6.3AI score0.00476EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•2 views

pygeoapi 0.23.x: Path Traversal in STAC FileSystemProvider

ImpactA raw string path concatenation vulnerability in pygeoapi's STAC FileSystemProvider plugin can allow for requests to STAC collection based collections to expose directories without authentication. The issue manifests when pygeoapi is deployed without a proxy or web front end that would...

7.5CVSS6AI score0.0051EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•2 views

django-mdeditor is Missing Authentication for Critical Function

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...

9.8CVSS6.5AI score0.00308EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•4 views

CKAN has Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql`

ImpactA vulnerability in datastoresearchsql allowed attackers to inject SQL in order to gain access to private resources and PostgreSQL system information. PatchesThe issue has been patched in CKAN 2.10.10 and CKAN 2.11.5 WorkaroundsDisable the DataStore SQL search ckan.datastore.sqlsearch.enable...

9.8CVSS6.1AI score0.01815EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•5 views

CKAN has CSRF exemption primed by anonymous requests

Views can be marked as exempt from CSRF protection Access to the views via tokens or unauthenticated requests marked the endpoint as not requiring CSRF protection. The marking was a member variable in flask-wtf.csrf.CSRFProtect, which was stored as a module level variable in the flaskapp...

6.1CVSS6.1AI score0.00124EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•4 views

AstrBot Makes Use of Hard-coded Password

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...

7.5CVSS6.4AI score0.00288EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•3 views

Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS

ImpactA stored Cross-Site Scripting XSS vulnerability in Jupyter Notebook allows attackers to steal authentication tokens from users who open malicious notebook files and interact with elements that the attacker can make look indistinguishable from legitimate controls single click interaction.The...

8.4CVSS6.3AI score0.00476EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added yesterday•4 views

CKAN has Unauthenticated Authorization Bypass in `datastore_search_sql`

ImpactA vulnerability in datastoresearchsql allowed attackers to bypass authorization in order to gain access to private resources and PostgreSQL system information PatchesThe issue has been patched in CKAN 2.10.10 and CKAN 2.11.5 WorkaroundsDisable the DataStore SQL search...

9.1CVSS6.1AI score0.00367EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•3 views

pygeoapi 0.23.x: Unauthenticated SSRF via OGC API - Processes Subscriber

ImpactOGC API - Process execution requests can use the subscriber object to requests to internal HTTP services. PatchesThe issue has been patched in master branch and made available as part of the 0.23.3 release. The patch disables any HTTP requests made to internal resources by default unless...

8.6CVSS6.1AI score0.00454EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•4 views

sqlite-mcp has an Injection issue

A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

7.5CVSS6.7AI score0.00277EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added yesterday•3 views

mkdocs-mcp-plugin has a Path Traversal issue

A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function readdocument/listdocuments of the file server.py. Performing a manipulation of the argument docsdir/filepath results in path traversal. The attack is possible to be carried out remotely. The exploit has...

7.5CVSS6.6AI score0.00426EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added yesterday•3 views

OpenStack Ironic is Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface...

7.2CVSS6.2AI score0.0057EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•5 views

mcp-url-downloader has a Server-Side Request Forgery issue

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•3 views

auto-favicon has a Server-Side Request Forgery issue

A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generatefaviconfromurl of the file src/autofavicon/server.py of the component MCP Tool. The manipulation of the argument imageurl results in server-side request forgery...

6.5CVSS6.2AI score0.00201EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•4 views

CKAN has no certificate validation on STMP connection

ImpactConfigured SMTP server may be spoofed with any certificate e.g. self-signed, leaving credentials and all emails sent open to MITM attacks. PatchesThe vulnerability has been patched in CKAN 2.10.10 and CKAN 2.11.5...

8.7CVSS6AI score0.00194EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•3 views

notes-mcp has a Path Traversal issue

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

7.5CVSS6.6AI score0.0041EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•3 views

beets has a Cross-site Scripting vulnerability

During code logic analyis, an area that may lead to unintended behavior under specific conditions was discovered. Overview- Verified Version: 80cd21554124da07d17a4f962c7d770a4f70d0f2- Vulnerability Type: Stored XSS- Affected Location: beetsplug/web/templates/index.html:42- Trigger Scenario:...

6CVSS6.2AI score0.003EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added yesterday•3 views

Apache Airflow's authenticated /ui/dags endpoint did not enforce per-DAG access control on embedded Human-in-the-Loop (HITL) and TaskInstance record

The authenticated /ui/dagsendpoint did not enforce per-DAG access control on embedded Human-in-the-Loop HITL and TaskInstance records: a logged-in Airflow user with read access to at least one DAG could retrieve HITL prompts including their request parameters and full TaskInstance details for DAG...

4.3CVSS6.1AI score0.00352EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added yesterday•3 views

pip Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

5.3CVSS6.4AI score0.00138EPSS
Exploits0References8Affected Software1
Total number of security vulnerabilities7035