26517 matches found
agent-actors (=0.1.0), agent-reader (>=0.2.1 <=0.2.2) +176 more potentially affected by CVE-2023-32785 via langchain (>=0.0.100 <=0.0.246)
langchain PYPI version =0.0.100, =0.2.1, =0.1.0, =0.1.5, =0.0.1, =0.0.1, =0.0.1, =0.0.5, =0.0.14, =0.1.9, =0.0.33, =0.1.0a0, =0.2.0, =0.1.3, =0.1.5 and more Source cves: CVE-2023-32785 Source advisory: OSV:PYSEC-2026-372...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +337 more potentially affected by CVE-2023-6015 via mlflow (>=0.8.2 <=2.8.0)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6015 Source advisory: OSV:PYSEC-2026-420...
wafl-llm (>=0.0.80 <=0.1.0) potentially affected by CVE-2023-43654 via torchserve (=0.7.1)
torchserve PYPI version =0.7.1 is affected by a known vulnerability. The following packages have a transitive dependency on torchserve and may be impacted: - wafl-llm =0.0.80, =0.1.0 Source cves: CVE-2023-43654 Source advisory: OSV:PYSEC-2026-553...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +334 more potentially affected by CVE-2023-6014 via mlflow (>=0.8.2 <=2.7.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6014 Source advisory: OSV:PYSEC-2026-415...
aana (>=0.2.1 <=0.2.4), abao-ai (=0.0.5) +1094 more potentially affected by CVE-2023-48022 +4 more via ray (>=0.5.0 <=2.8.0)
ray PYPI version =0.5.0, =0.2.1, =0.0.6, =0.0.1b1, =0.1.1, =0.2.0, =0.0.2, =0.1.1, =0.2.0, =0.0.1, =0.0.0, =0.2.11 and more Source cves: CVE-2023-48022, CVE-2023-48023, CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 Source advisory: OSV:PYSEC-2026-519...
bookscrape (>=0.0.1.dev1 <=0.0.2b7), codeforlife-portal (>=1.1.1 <=2.28.1) +53 more potentially affected by CVE-2019-19450 via reportlab (>=3.1.44 <=3.5.26)
reportlab PYPI version =3.1.44, =0.0.1.dev1, =1.1.1, =0.7.0, =0.1.0, =0.0.2, =1.1.0, =2.7.0, =2.3.0.18073018, =2.3.0.18070609, =2.3.0.18070422, =0.1.0, =0.733.0, =0.736.0 and more Source cves: CVE-2019-19450 Source advisory: OSV:PYSEC-2026-522...
ablator (>=0.0.1b1 <=0.0.1b2), ablator-ken-test (=0.0.1b2) +254 more potentially affected by CVE-2023-48022 via ray (>=0.5.0 <=2.49.2)
ray PYPI version =0.5.0, =0.0.1b1, =0.1.1, =0.0.3, =0.3.1, =0.1.16, =0.1.4, =0.2.1, =1.1.1, =0.1.3, =1.0.11 and more Source cves: CVE-2023-48022 Source advisory: OSV:PYSEC-2026-517...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6018 via mlflow (>=0.8.2 <=2.9.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6018 Source advisory: OSV:PYSEC-2026-417...
aana (>=0.2.1 <=0.2.4), abao-ai (=0.0.5) +1094 more potentially affected by CVE-2023-48022 +4 more via ray (>=0.5.0 <=2.8.0)
ray PYPI version =0.5.0, =0.2.1, =0.0.6, =0.0.1b1, =0.1.1, =0.2.0, =0.0.2, =0.1.1, =0.2.0, =0.0.1, =0.0.0, =0.2.11 and more Source cves: CVE-2023-48022, CVE-2023-48023, CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 Source advisory: OSV:PYSEC-2026-515...
aana (>=0.2.1 <=0.2.4), abao-ai (=0.0.5) +1094 more potentially affected by CVE-2023-48022 +4 more via ray (>=0.5.0 <=2.8.0)
ray PYPI version =0.5.0, =0.2.1, =0.0.6, =0.0.1b1, =0.1.1, =0.2.0, =0.0.2, =0.1.1, =0.2.0, =0.0.1, =0.0.0, =0.2.11 and more Source cves: CVE-2023-48022, CVE-2023-48023, CVE-2023-6019, CVE-2023-6020, CVE-2023-6021 Source advisory: OSV:PYSEC-2026-516...
aind-data-transfer (>=0.1.13 <=0.35.3), aind-dispim-processing (>=0.0.1 <=0.0.4) +25 more potentially affected by CVE-2023-45853 via pyminizip (=0.2.6)
pyminizip PYPI version =0.2.6 is affected by a known vulnerability. The following packages have a transitive dependency on pyminizip and may be impacted: - aind-data-transfer =0.1.13, =0.0.1, =0.3.0, =1.9.32, =0.0.6, =1.1.12, =0.8.0, =0.1.0, =0.0.1, =0.2.0, =0.1.1, =0.1.5 and more Source cves:...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +81 more potentially affected by CVE-2023-25668 via tensorflow-gpu (>=1.10.1 <=2.10.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25668 Source advisory: OSV:PYSEC-2026-550...
llama2-terminal (>=0.1.1 <=0.1.6), mapintel (=1.0.0) potentially affected by CVE-2023-1712 via farm-haystack (>=0.8.0 <=1.12.2)
farm-haystack PYPI version =0.8.0, =0.1.1, =0.1.6 - mapintel =1.0.0 Source cves: CVE-2023-1712 Source advisory: OSV:PYSEC-2026-337...
adaptive-kmpc-py (>=0.1.0 <=0.1.1), aestetik (=0.1.0) +98 more potentially affected by CVE-2024-5980 via lightning (>=1.8.6 <=2.3.2)
lightning PYPI version =1.8.6, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =0.8.3b20230916, =0.8.3b20230916, =0.8.3b20230916, =0.1.1, =0.0.1, =0.5.0a1, =0.0.1rc4796724275121, =0.0.1rc7078377068125 and more Source cves: CVE-2024-5980 Source advisory: OSV:PYSEC-2026-386...
a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +607 more potentially affected by CVE-2023-25668 via tensorflow (>=1.0.1 <=2.11.0rc2)
tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =0.0.1, =0.2.0, =0.3.1, =0.5.1 and more Source cves: CVE-2023-25668 Source advisory: OSV:PYSEC-2026-548...
adaptive-kmpc-py (>=0.1.0 <=0.1.1), aestetik (=0.1.0) +98 more potentially affected by CVE-2024-5452 via lightning (>=1.8.6 <=2.3.2)
lightning PYPI version =1.8.6, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =0.8.3b20230916, =0.8.3b20230916, =0.8.3b20230916, =0.1.1, =0.0.1, =0.5.0a1, =0.0.1rc4796724275121, =0.0.1rc7078377068125 and more Source cves: CVE-2024-5452 Source advisory: OSV:PYSEC-2026-385...
cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-25668 via tensorflow-cpu (>=1.15.0 <=2.11.0)
tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-25668 Source advisory: OSV:PYSEC-2026-549...
agentopia (>=0.1.0 <=0.1.5), alaya-py (>=0.15.0.0 <=0.15.0.1) +219 more potentially affected by CVE-2022-37454 via pysha3 (>=0.3.0 <=1.0.2)
pysha3 PYPI version =0.3.0, =0.1.0, =0.15.0.0, =0.4.0a1, =0.1.0, =0.1.22, =0.4.0, =0.4.0a0, =0.1.0a0, =0.4.0a1, =0.1.0, =0.4.0, =0.4.0, =0.4.0, =0.5.2 - ape-frame =0.5.0a0 and more Source cves: CVE-2022-37454 Source advisory: OSV:PYSEC-2026-504...
cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5826 via vanna (>=0.0.30 <=0.0.36)
vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5826 Source advisory: OSV:PYSEC-2026-562...
docsrag (>=0.1.0 <=0.1.6) potentially affected by CVE-2024-23730 via llama-hub (=0.0.25)
llama-hub PYPI version =0.0.25 is affected by a known vulnerability. The following packages have a transitive dependency on llama-hub and may be impacted: - docsrag =0.1.0, =0.1.6 Source cves: CVE-2024-23730 Source advisory: OSV:PYSEC-2026-393...
amlr (>=0.3.6 <=0.4.1), arsa-ml (>=0.1.0 <=0.1.13) +29 more potentially affected by CVE-2024-45758 via h2o (>=3.18.0.8 <=3.46.0.7)
h2o PYPI version =3.18.0.8, =0.3.6, =0.1.0, =0.0.92, =1.0.81, =2019.9.10.14.39.5, =1.0.1, =0.1.20, =0.1.0, =0.1.2, =0.3.2, =0.3.0, =1.0.1.1.4, =0.4.0.dev3, =0.1.0, =3.0.1, =5.4.1 and more Source cves: CVE-2024-45758 Source advisory: OSV:PYSEC-2026-352...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2024-0521 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves: CVE-2024-05...
agenta (>=0.14.1a0 <=0.14.7a1), agentic-devops (>=0.0.5 <=0.0.9) +71 more potentially affected by CVE-2024-5751 via litellm (>=0.1.400 <=1.40.15)
litellm PYPI version =0.1.400, =0.14.1a0, =0.0.5, =0.0.4, =0.2.0, =0.29.0, =0.1.5, =0.1.0, =0.1.0, =0.0.1, =0.114.0, =0.0.1, =0.6.3, =0.7.10 and more Source cves: CVE-2024-5751 Source advisory: OSV:PYSEC-2026-389...
exposeq (>=4.1.3 <=4.6.1), squadds (>=0.0.0 <=0.0.3) potentially affected by CVE-2024-23752 via pandasai (>=1.3.3 <=1.5.11)
pandasai PYPI version =1.3.3, =4.1.3, =0.0.0, =0.0.3 Source cves: CVE-2024-23752 Source advisory: OSV:PYSEC-2026-446...
autoxx (>=0.0.11 <=0.0.13), vuln-demo-math-ops (=1.0.0) potentially affected by CVE-2024-6091 via agpt (=0.2.2)
agpt PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on agpt and may be impacted: - autoxx =0.0.11, =0.0.13 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2024-6091 Source advisory: OSV:PYSEC-2026-257...
aana (>=0.2.1 <=0.2.2.2), ace-context-engineering (>=0.1.3 <=0.1.4) +801 more potentially affected by CVE-2024-3829 via qdrant-client (>=1.0.0 <=1.8.2)
qdrant-client PYPI version =1.0.0, =0.2.1, =0.1.3, =1.0.0, =0.8.1, =0.13.0, =0.1.0, =0.4.0, =1.0.0b251001, =0.1.0, =0.1.1, =0.0.1, =0.1.0 - agentclinic =0.1.0 and more Source cves: CVE-2024-3829 Source advisory: OSV:PYSEC-2026-509...
eisen (=0.1.9), eisen-deploy (>=0.0.1 <=0.0.2) potentially affected by CVE-2024-35198 via torchserve (=0.0.1b20200409)
torchserve PYPI version =0.0.1b20200409 is affected by a known vulnerability. The following packages have a transitive dependency on torchserve and may be impacted: - eisen =0.1.9 - eisen-deploy =0.0.1, =0.0.2 Source cves: CVE-2024-35198 Source advisory: OSV:PYSEC-2026-554...
abi-ds-utils (=1.0.1), acryl-datahub-airflow-plugin (>=0.8.44.4 <=0.11.0rc1) +147 more potentially affected by CVE-2024-25128 via flask-appbuilder (>=1.10.0 <=4.3.10)
flask-appbuilder PYPI version =1.10.0, =0.8.44.4, =0.1.0rc3, =0.1.0, =2022.9.19, =0.2.1, =0.2.9b1, =1.0.7, =0.5.1, =0.2.0, =0.1.0, =1.0.0, =0.0.7, =0.0.1, =0.0.3, =0.0.4 and more Source cves: CVE-2024-25128 Source advisory: OSV:PYSEC-2026-340...
academic-chatgpt (>=0.3.0 <=0.4.1), agentverse (>=0.1.5 <=0.1.8.1) +121 more potentially affected by CVE-2024-1728 via gradio (>=1.7.7 <=4.19.1)
gradio PYPI version =1.7.7, =0.3.0, =0.1.5, =0.0.17, =0.0.2, =0.8.11, =0.7.0.dev134, =0.1.0rc1, =0.0.0, =0.6.14, =0.7.63 and more Source cves: CVE-2024-1728 Source advisory: OSV:PYSEC-2026-345...
bunkoer (=0.0.3), chatmysql (=0.1.14) +13 more potentially affected by CVE-2024-27444 via langchain-experimental (>=0.0.10 <=0.0.50)
langchain-experimental PYPI version =0.0.10, =0.1.0, =0.1.4, =0.1.21, =0.3.0, =0.0.14, =2.0.160, =0.0.3, =1.3.2, =0.2.3, =0.3.1 Source cves: CVE-2024-27444 Source advisory: OSV:PYSEC-2026-375...
akasha-terminal (>=0.8.0 <=0.8.23), coconut-ai (>=0.2.0 <=1.0.0) +7 more potentially affected by CVE-2024-34359 via llama-cpp-python (>=0.2.32 <=0.2.67)
llama-cpp-python PYPI version =0.2.32, =0.8.0, =0.2.0, =0.1.5, =0.0.1, =0.2.2, =0.0.7, =1.8.1.dev11, =0.0.20, =0.0.26 Source cves: CVE-2024-34359 Source advisory: OSV:PYSEC-2026-392...
cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5565 via vanna (>=0.0.30 <=0.0.36)
vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5565 Source advisory: OSV:PYSEC-2026-561...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35058 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35058 Source advisory: OSV:PYSEC-2026-261...
dsipts (>=1.1.5 <=1.1.19), llm-toys (=0.1.1) +2 more potentially affected by CVE-2024-2195 via aim (>=3.17.4 <=3.20.1)
aim PYPI version =3.17.4, =1.1.5, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-2195 Source advisory: OSV:PYSEC-2026-260...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2024-0917 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves: CVE-2024-09...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35056 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35056 Source advisory: OSV:PYSEC-2026-262...
a2grunnerp (>=0.1.0 <=0.1.8), academic-emotion (=0.1.2) +489 more potentially affected by CVE-2024-3660 via keras (>=1.2.1 <=2.13.1)
keras PYPI version =1.2.1, =0.1.0, =0.1.0, =1.3.0, =7.13.1, =1.1.1, =1.8.15, =1.8.17, =0.0.1, =0.0.157, =0.1.18, =1.8.14, =2.2.0 and more Source cves: CVE-2024-3660 Source advisory: OSV:PYSEC-2026-369...
0lever-utils (>=0.0.2 <=0.0.7), accuhit-db (=0.9.1) +484 more potentially affected by CVE-2024-36039 via pymysql (>=0.6.6 <=1.1.0)
pymysql PYPI version =0.6.6, =0.0.2, =2.0.0, =0.1.0, =1.1.4, =0.5.0, =1.0.0a1, =0.2.0, =3.0.0, =0.1.0, =4.2.1 and more Source cves: CVE-2024-36039 Source advisory: OSV:PYSEC-2026-502...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35059 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35059 Source advisory: OSV:PYSEC-2026-264...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35057 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35057 Source advisory: OSV:PYSEC-2026-263...
aiconsole (>=0.2.0 <=0.2.13), aiflows (>=0.1.5 <=1.1.1) +45 more potentially affected by CVE-2024-2952 via litellm (>=0.1.400 <=1.34.0)
litellm PYPI version =0.1.400, =0.2.0, =0.1.5, =0.1.0, =0.0.1, =0.114.0, =0.0.1, =0.6.3, =0.6.0, =0.2.0, =0.2.4, =0.1.11, =0.1.18 - emplode =0.1.0 and more Source cves: CVE-2024-2952 Source advisory: OSV:PYSEC-2026-387...
bento2seldon (>=0.1.0 <=0.4.0), bento2seldon4recsys (>=0.1.0 <=0.1.3) +15 more potentially affected by CVE-2024-2912 via bentoml (>=0.10.1 <=1.2.20)
bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 - tfhubartifact =0.0.4 and more Source cves: CVE-2024-2912 Source advisory: OSV:PYSEC-2026-296...
paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2024-0818 via paddlepaddle (=1.8.5)
paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves: CVE-2024-08...
agentengine (>=0.1.5 <=0.1.8), deepmost (=0.5.2) +13 more potentially affected by CVE-2025-14931 via smolagents (>=0.1.3 <=1.23.0)
smolagents PYPI version =0.1.3, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.1.0, =0.16.0, =2.4.0, =0.0.1.dev0, =0.0.1, =0.3.0, =0.3.7 Source cves: CVE-2025-14931 Source advisory: OSV:PYSEC-2026-543...
sigstore (>=3.6.0 <=3.6.1) potentially affected by CVE-2025-52556 via rfc3161-client (>=0.0.4 <=0.1.2)
rfc3161-client PYPI version =0.0.4, =3.6.0, =3.6.1 Source cves: CVE-2025-52556 Source advisory: OSV:PYSEC-2026-525...
a-data-processing (=0.0.1), a-mailx (=0.1.0) +1224 more potentially affected by CVE-2025-68664 via langchain-core (>=0.0.1 <=0.3.8)
langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2025-68664 Source advisory: OSV:PYSEC-2026-373...
askbob (>=0.0.3 <=0.0.4), botstudio-sdk (>=0.0.3 <=0.0.25) +15 more potentially affected by CVE-2024-49375 via rasa (>=1.10.0 <=3.6.20)
rasa PYPI version =1.10.0, =0.0.3, =0.0.3, =0.0.3a2, =0.23.5, =1.0.2, =0.1.0, =0.2.0, =1.0.3, =0.3.0, =0.0.1a1, =0.1.0, =0.1.0, =1.0.0, =1.1.2 and more Source cves: CVE-2024-49375 Source advisory: OSV:PYSEC-2026-513...
agent-os-server (>=0.4.2 <=0.5.10), aiodatalayer (>=1.0.0 <=2.3.1) +59 more potentially affected by CVE-2025-65896 via asyncmy (>=0.2.10 <=0.2.11)
asyncmy PYPI version =0.2.10, =0.4.2, =1.0.0, =0.5.0, =1.0.8, =2.0.9, =1.0.8, =0.1.0, =1.0.0, =1.3.9, =0.1.1, =0.1.0, =0.2.0, =1.0.0, =0.1.0, =0.3.2 and more Source cves: CVE-2025-65896 Source advisory: OSV:PYSEC-2026-286...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-54381 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-54381 Source advisory: OSV:PYSEC-2026-297...
biliarchiver (>=0.0.9 <=0.1.20), curation-utils (=0.1.4) +24 more potentially affected by CVE-2025-58438 via internetarchive (>=1.1.0 <=5.4.1)
internetarchive PYPI version =1.1.0, =0.0.9, =0.0.1, =0.1.1, =0.3.0, =0.1.1, =0.1.0, =0.1.25, =0.1.0, =0.1.0, =0.1.0, =0.0.36, =1.0.0, =0.0.18, =0.0.30 and more Source cves: CVE-2025-58438 Source advisory: OSV:PYSEC-2026-357...