Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| MAL-2026-595 | PyPI/morty-package | Malicious code in morty-package (PyPI) | 8 hours ago | No fix available |
| MAL-2026-593 | PyPI/pypi-package-explore | Malicious code in pypi-package-explore (PyPI) | 9 hours ago | No fix available |
| MAL-2026-590 | PyPI/pytorch-mutex | Malicious code in pytorch-mutex (PyPI) | 11 hours ago | No fix available |
| GHSA-qh4c-xf7m-gxfc | PyPI/vllm | vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector | 11 hours ago | Fix available; Severity - 7.1 (High) |
| MAL-2026-562 | PyPI/tabullates | Malicious code in tabullates (PyPI) | 20 hours ago | No fix available |
| GHSA-63cw-57p8-fm3p | PyPI/pytorch | PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files | yesterday | Fix available; Severity - 8.8 (High) |
| MAL-2026-548 | PyPI/tabletas | Malicious code in tabletas (PyPI) | yesterday | No fix available |
| GHSA-r2jv-fwfr-4j8c | PyPI/askbot | askbot inexhaustive permissions check allows any user to modify a different user's profile picture | yesterday | Fix available; Severity - 5.3 (Medium) |
| MAL-2026-547 | PyPI/solhint-plugin-hyperlane | Malicious code in solhint-plugin-hyperlane (PyPI) | yesterday | No fix available |
| GHSA-2q4j-m29v-hq73 | PyPI/pypdf | pypdf has possible Infinite Loop when processing outlines/bookmarks | 2 days ago | Fix available; Severity - 5.1 (Medium) |
| GHSA-8hf7-h89p-3pqj | PyPI/mobsf | MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field | 2 days ago | Fix available; Severity - 8.1 (High) |
| GHSA-gcgx-chcp-hxp9 | PyPI/gakido | Gakido vulnerable to HTTP Header Injection (CRLF Injection) | 2 days ago | Fix available; Severity - 5.3 (Medium) |
| GHSA-wp53-j4wj-2cfg | PyPI/python-multipart | Python-Multipart has Arbitrary File Write via Non-Default Configuration | 2 days ago | Fix available; Severity - 8.6 (High) |
| GHSA-hm8f-75xx-w2vr | PyPI/sigstore | sigstore CSRF possibility in OIDC authentication during signing | 2 days ago | Fix available |
| GHSA-6p6h-rqr6-62mv | PyPI/gi-docgen | GI-DocGen vulnerable to Reflected XSS via unescaped query strings | 2 days ago | Fix available; Severity - 6.1 (Medium) |
| GHSA-6r62-w2q3-48hf | PyPI/bentoml | BentoML has a Path Traversal via Bentofile Configuration | 2 days ago | Fix available; Severity - 7.4 (High) |