Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| PYSEC-2025-44 | PyPI/django-helpdesk, github.com/django-helpdesk/django-helpdesk | See record for full details | yesterday | Fix available |
| GHSA-8w7f-8pr9-xgwj | PyPI/apache-superset | Apache Superset: Improper authorization bypass on row level security via SQL Injection | 2 days ago | Fix available; Severity - 7.1 (High) |
| GHSA-8jw3-6x8j-v96g | PyPI/gradio | Gradio Allows Unauthorized File Copy via Path Manipulation | 2 days ago | Fix available; Severity - 5.3 (Medium) |
| PYSEC-2025-43 | PyPI/vllm, github.com/vllm-project/vllm | See record for full details | 2 days ago | Fix available |
| GHSA-94v7-wxj6-r2q5 | PyPI/multicast | multicast in source builds from vulnerable setuptools dependency | 3 days ago | Fix available; Severity - 5.9 (Medium) |
| GHSA-vrq3-r879-7m65 | PyPI/vllm | vLLM Tool Schema allows DoS via Malformed pattern and type Fields | 3 days ago | Fix available; Severity - 6.5 (Medium) |
| GHSA-9hcf-v7m4-6m2j | PyPI/vllm | vLLM allows clients to crash the openai server with invalid regex | 3 days ago | Fix available; Severity - 6.5 (Medium) |
| GHSA-6qc9-v4r8-22xg | PyPI/vllm | vLLM DOS: Remotely kill vllm over http with invalid JSON schema | 3 days ago | Fix available; Severity - 6.5 (Medium) |
| GHSA-c65p-x677-fgj6 | PyPI/vllm | vLLM has a Weakness in MultiModalHasher Image Hashing Implementation | 3 days ago | Fix available; Severity - 4.2 (Medium) |
| GHSA-4qjh-9fv9-r85r | PyPI/vllm | Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching | 3 days ago | Fix available; Severity - 2.6 (Low) |
| GHSA-j828-28rj-hfhp | PyPI/vllm | vLLM vulnerable to Regular Expression Denial of Service | 3 days ago | Fix available; Severity - 4.3 (Medium) |
| GHSA-w6q7-j642-7c25 | PyPI/vllm | vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py` | 3 days ago | Fix available; Severity - 6.5 (Medium) |
| GHSA-r244-wg5g-6w2r | PyPI/redshift-connector | Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin | 4 days ago | Fix available; Severity - 7.0 (High) |
| GHSA-g99h-56mw-8263 | PyPI/llama-index-cli | LLama-Index CLI OS command injection vulnerability | 4 days ago | Fix available; Severity - 7.8 (High) |
| GHSA-wjrh-hj83-3wh7 | PyPI/django-select2 | Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking | 4 days ago | Fix available; Severity - 8.2 (High) |
| MAL-2025-4526 | PyPI/caixaequ2ahzoop | Malicious code in caixaequ2ahzoop (PyPI) | 5 days ago | No fix available |