Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-w832-gg5g-x44m | PyPI/datasette | Open redirect endpoint in Datasette | 14 minutes ago | Fix available |
| GHSA-wwqv-p2pp-99h5 | PyPI/langgraph-checkpoint | LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer | 19 hours ago | Fix available; Severity - 7.4 (High) |
| GHSA-gr35-vpx2-qxhc | PyPI/weblate | Weblate leaks the IP of project member inviting user to be reviewer in Audit log | 20 hours ago | Fix available; Severity - 2.6 (Low) |
| GHSA-frmv-pr5f-9mcr | PyPI/django | Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. | 23 hours ago | Fix available; Severity - 9.1 (Critical) |
| GHSA-qw25-v68c-qjf3 | PyPI/django | Django has a denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows | 23 hours ago | Fix available; Severity - 7.5 (High) |
| GHSA-m35w-xx8c-6xc7 | PyPI/doris-mcp-server | Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode | yesterday | Fix available; Severity - 5.3 (Medium) |
| GHSA-crvm-xjhm-9h29 | PyPI/octoprint | OctoPrint vulnerable to XSS in Action Commands Notification and Prompt | yesterday | Fix available; Severity - 4.6 (Medium) |
| GHSA-4vcx-3pj3-44m7 | PyPI/dosage | Dosage vulnerable to a Directory Traversal through crafted HTTP responses | yesterday | Fix available; Severity - 8.8 (High) |
| GHSA-vvw2-h478-xwr3 | PyPI/dspy | DSPy does not properly restrict file reads | yesterday | No fix available; Severity - 5.9 (Medium) |
| GHSA-j945-qm58-4gjx | PyPI/motioneye | motionEye vulnerable to RCE via unsanitized motion config parameter | 2 days ago | Fix available; Severity - 7.2 (High) |
| MAL-2025-49320 | PyPI/python-requirements-inspector | Malicious code in python-requirements-inspector (PyPI) | 3 days ago | No fix available |
| MAL-2025-49310 | PyPI/faker-python | Malicious code in faker-python (PyPI) | 3 days ago | No fix available |
| GHSA-vw84-hprm-cxmm | PyPI/agno | Agno session state overwrites between different sessions/users | 5 days ago | Fix available; Severity - 7.1 (High) |
| GHSA-f556-49jc-4rvc | PyPI/ansible | Ansible does not collect garbage after playbook run | 5 days ago | Fix available; Severity - 5.0 (Medium) |
| GHSA-97w9-v595-3h5q | PyPI/cryptidy | cryptidy allows code execution via untrusted data due to pickle.loads | 6 days ago | No fix available; Severity - 6.9 (Medium) |
| GHSA-2qfp-q593-8484 | PyPI/brotli | Brotli is vulnerable to a denial of service (DoS) attack due to decompression | 6 days ago | Fix available; Severity - 7.5 (High) |