Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| MAL-2025-47452 | PyPI/secmeasure | Malicious code in secmeasure (PyPI) | 13 hours ago | No fix available |
| MAL-2025-47453 | PyPI/sisaws | Malicious code in sisaws (PyPI) | 13 hours ago | No fix available |
| MAL-2025-47451 | PyPI/colorinal | Malicious code in colorinal (PyPI) | 13 hours ago | No fix available |
| MAL-2025-47454 | PyPI/termncolor | Malicious code in termncolor (PyPI) | 13 hours ago | No fix available |
| GHSA-vv9c-xxg7-wmv7 | PyPI/invokeai | InvokeAI has External Control of File Name or Path | yesterday | No fix available; Severity - 8.9 (High) |
| MAL-2025-47458 | PyPI/veilcord-tls | Malicious code in veilcord-tls (PyPI) | 2 days ago | No fix available |
| GHSA-4hqq-7q79-932p | PyPI/mcp-kubernetes-server | mcp-kubernetes-server has an OS Command Injection vulnerability | 3 days ago | No fix available; Severity - 3.7 (Low) |
| GHSA-hjm5-xgj8-vwj6 | PyPI/mcp-kubernetes-server | mcp-kubernetes-server has a Command Injection vulnerability | 3 days ago | No fix available; Severity - 3.7 (Low) |
| GHSA-rcv9-qm8p-9p6j | PyPI/transformers | Hugging Face Transformers library has Regular Expression Denial of Service | 4 days ago | Fix available; Severity - 5.3 (Medium) |
| GHSA-59p9-h35m-wg4g | PyPI/transformers | Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer | 12 Sep | Fix available; Severity - 5.3 (Medium) |
| GHSA-vcqx-v2mg-7chx | PyPI/mcp-neo4j-cypher | Neo4j Cypher MCP server is vulnerable to DNS rebinding | 11 Sep | Fix available; Severity - 7.4 (High) |
| GHSA-765j-9r45-w2q2 | PyPI/flask-appbuilder | Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods | 11 Sep | Fix available; Severity - 6.5 (Medium) |
| GHSA-v2p7-4pv4-3wwh | PyPI/infrahub-server | Infrahub: Deleted and expired API tokens can still authenticate | 10 Sep | Fix available; Severity - 5.5 (Medium) |
| GHSA-9mv7-3c64-mmqw | PyPI/xml2rfc | xml2rfc is vulnerable to arbitrary file reads through prepped files | 10 Sep | Fix available; Severity - 8.7 (High) |
| GHSA-p2xp-xx3r-mffc | PyPI/pyinstaller | PyInstaller has local privilege escalation vulnerability | 10 Sep | Fix available; Severity - 7.0 (High) |
| GHSA-7cf7-9wrr-vrf4 | PyPI/indico | Indico vulnerable to Cross-Site Scripting via LaTeX math code | 10 Sep | Fix available; Severity - 4.6 (Medium) |