Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
757584
AlmaLinux
5265
Alpaquita
11453
Alpine
4342
Android
2912
Azure Linux
12016
BellSoft Hardened Containers
561
Bitnami
8280
Chainguard
8811
CleanStart
1566
CRAN
14
crates.io
2558
Debian
59678
Echo
4222
GHC
3
GIT
91781
GitHub Actions
54
Go
8128
Hackage
32
Hex
170
Julia
984
Linux
25278
Mageia
6007
Maven
6679
MinimOS
82646
npm
221982
NuGet
1770
opam
19
openEuler
7186
openSUSE
13368
OSS-Fuzz
3964
Packagist
6649
Pub
11
PyPI
22323
Red Hat
21149
Rocky Linux
3596
Root
17355
RubyGems
4547
SUSE
21255
SwiftURL
58
TuxCare
5803
Ubuntu
56981
VSCode
20
Wolfi
6108
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-8f95-v3jq-cj86
PyPI/pymonocypher
pymonocypher: Potential heap buffer overflow on nb_blocks in argon2i_32 when provided buffer is too small
52 minutes ago
Fix available
Severity - 5.1 (Medium)
GHSA-836r-79rf-4m37
PyPI/soupsieve
Soup Sieve: Regular Expression Denial of Service (ReDoS) via Selector Parser
57 minutes ago
Fix available
Severity - 7.5 (High)
GHSA-2wc2-fm75-p42x
PyPI/soupsieve
Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists
57 minutes ago
Fix available
Severity - 7.5 (High)
GHSA-52vm-mxx8-f227
PyPI/phantom-audio
Phantom: Arbitrary file write and decode-bomb DoS via unconfined MCP tool paths
57 minutes ago
Fix available
Severity - 7.7 (High)
GHSA-c2f9-4mc8-j656
PyPI/pyload-ng
pyLoad: Unbounded Memory Growth Leading to DoS and Potential DDoS in EventManager
59 minutes ago
No fix available
Severity - 6.5 (Medium)
GHSA-m5x5-28jr-gpjj
PyPI/pyload-ng
pyLoad: SSRF guard bypass via IPv6 6to4/NAT64 transition wrappers of internal IPs
59 minutes ago
No fix available
Severity - 4.9 (Medium)
MAL-2026-10020
PyPI/playwrightr
Malicious code in playwrightr (PyPI)
2 hours ago
No fix available
MAL-2026-7025
PyPI/tronsev
Malicious code in tronsev (PyPI)
15 hours ago
No fix available
MAL-2026-7023
PyPI/dbzy-tools
Malicious code in dbzy-tools (PyPI)
17 hours ago
No fix available
GHSA-37h2-6p4f-mp3q
PyPI/serena-agent
Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE
17 hours ago
Fix available
Severity - 8.3 (High)
GHSA-mxwc-wh95-pw4g
PyPI/trapster
Trapster Community: Unauthenticated malformed DNS compression pointers crash per-packet honeypot handler
18 hours ago
No fix available
Severity - 5.3 (Medium)
GHSA-4jhm-jv67-739f
PyPI/lxml-html-clean
`
lxml_html_clean.Cleaner
`
does not strip
`
javascript:
`
URLs from namespaced URL attributes
18 hours ago
Fix available
Severity - 8.2 (High)
MAL-2026-7015
PyPI/turbom
Malicious code in turbom (PyPI)
21 hours ago
No fix available
MAL-2026-7007
PyPI/manom
Malicious code in manom (PyPI)
22 hours ago
No fix available
MAL-2026-7006
PyPI/manik
Malicious code in manik (PyPI)
22 hours ago
No fix available
MAL-2026-6983
PyPI/tronpak
Malicious code in tronpak (PyPI)
23 hours ago
No fix available
Load more...
PyPI - OSV