parso is vulnerable to arbitrary code execution. Grammar parsing reads from a cache that relies on pickle, so untrusted data can be deserialized, which would allow an attacker to execute malicious code via a malicious pickle. Update: This CVE has since been disputed because the cache directory is not under the control of the attacker in any common configuration.
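The dispute turns on who can write to the cache directory, so that is the property to verify on a given host. The following is an added example, not parso's code: `audit_cache_dir` is a hypothetical helper, the directory passed to it is whatever cache path your installation uses, and it inspects POSIX owner and mode bits only (no ACLs).

```python
import os
import stat
import sys
from pathlib import Path

LOOSE = stat.S_IWGRP | stat.S_IWOTH  # writable by group or by everyone


def audit_cache_dir(cache_dir, trusted_uids=None):
    """Return (path, reason) findings for ways a user outside trusted_uids
    could plant or replace files under cache_dir. POSIX permissions only."""
    trusted = set(trusted_uids) if trusted_uids else {0, os.getuid()}
    cache_dir = Path(cache_dir).resolve()
    findings = []

    def check_owner(path, st):
        if st.st_uid not in trusted:
            findings.append((path, f"owned by untrusted uid {st.st_uid}"))

    # Ancestors: write access without the sticky bit lets another user
    # rename the path away and substitute a directory of their own.
    for parent in cache_dir.parents:
        st = parent.stat()
        check_owner(parent, st)
        if st.st_mode & LOOSE and not st.st_mode & stat.S_ISVTX:
            findings.append((parent, "ancestor writable by group/other, no sticky bit"))

    # The cache directory and everything in it: any loose write bit allows a
    # pickle to be added or modified, and a symlink can redirect the load.
    for path in [cache_dir, *sorted(cache_dir.rglob("*"))]:
        st = path.lstat()
        check_owner(path, st)
        if stat.S_ISLNK(st.st_mode):
            findings.append((path, "symlink inside cache"))
        elif st.st_mode & LOOSE:
            findings.append((path, "writable by group/other"))
    return findings


if __name__ == "__main__":
    # Usage: python audit_cache.py /path/to/cache
    for path, reason in audit_cache_dir(sys.argv[1]):
        print(f"{path}: {reason}")
```

An empty result means only root and the current user can alter what gets unpickled from that directory; any finding is a path through which another local account could influence it.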