Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-crvm-xjhm-9h29
  • PyPI/octoprint
OctoPrint vulnerable to XSS in Action Commands Notification and Prompt 22 hours ago
  • Fix available
  • Severity - 4.6 (Medium)
GHSA-4vcx-3pj3-44m7
  • PyPI/dosage
Dosage vulnerable to a Directory Traversal through crafted HTTP responses 22 hours ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-vvw2-h478-xwr3
  • PyPI/dspy
DSPy does not properly restrict file reads 22 hours ago
  • No fix available
  • Severity - 5.9 (Medium)
GHSA-j945-qm58-4gjx
  • PyPI/motioneye
motionEye vulnerable to RCE via unsanitized motion config parameter yesterday
  • Fix available
  • Severity - 7.2 (High)
MAL-2025-49320
  • PyPI/python-requirements-inspector
Malicious code in python-requirements-inspector (PyPI) 2 days ago
  • No fix available
MAL-2025-49310
  • PyPI/faker-python
Malicious code in faker-python (PyPI) 2 days ago
  • No fix available
GHSA-vw84-hprm-cxmm
  • PyPI/agno
Agno session state overwrites between different sessions/users 4 days ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-f556-49jc-4rvc
  • PyPI/ansible
Ansible does not collect garbage after playbook run 4 days ago
  • Fix available
  • Severity - 5.0 (Medium)
GHSA-97w9-v595-3h5q
  • PyPI/cryptidy
cryptidy allows code execution via untrusted data due to pickle.loads 5 days ago
  • No fix available
  • Severity - 6.9 (Medium)
GHSA-2qfp-q593-8484
  • PyPI/brotli
Brotli is vulnerable to a denial of service (DoS) attack due to decompression 5 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-28jp-44vh-q42h
  • PyPI/keras
Keras keras.utils.get_file API is vulnerable to a path traversal attack 5 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-pfrv-63w8-q7rq
  • PyPI/pdf2zh
Byaidu PDFMathTranslate vulnerable to open redirect 5 days ago
  • No fix available
  • Severity - 2.0 (Low)
GHSA-273c-4g26-4jpm
  • PyPI/apache-airflow
Apache Airflow `/api/v2/dagReports` executes DAG Python in API 6 days ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-gp5f-cx7h-8q6f
  • PyPI/apache-airflow
Apache Airflow's create action can upsert existing Pools/Connections/Variables 6 days ago
  • Fix available
  • Severity - 4.6 (Medium)
GHSA-v3c9-j6h9-66v4
  • PyPI/apache-airflow
Apache Airflow has a command injection vulnerability in "example_dag_decorator" 6 days ago
  • Fix available
  • Severity - 5.2 (Medium)
GHSA-7p73-8jqx-23r8
  • PyPI/langgraph-checkpoint-sqlite
LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore 6 days ago
  • Fix available
  • Severity - 7.3 (High)