Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-8w3f-4r8f-pf53
  • PyPI/pyload-ng
 pyLoad vulnerable to XSS through insecure CAPTCHA 2 days ago
  • Fix available
  • Severity - 9.8 (Critical)
MAL-2025-5847
  • PyPI/vtk-osmesa
 Malicious code in vtk-osmesa (PyPI) 3 days ago
  • No fix available
GHSA-9548-qrrj-x5pj
  • PyPI/aiohttp
 AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections 3 days ago
  • Fix available
  • Severity - 1.7 (Low)
GHSA-q28v-664f-q6wj
  • PyPI/indico
 Indico vulnerability allows attackers to bulk dump user details 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-x8c6-gj59-6rx8
  • PyPI/libp2p
 py-libp2p is vulnerable to DoS attacks through use of large RSA keys 4 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-qxh9-qmf2-rhwc
  • PyPI/roundup
 Roundup is vulnerable to XSS through interactions between URLs and issue tracker templates 4 days ago
  • Fix available
  • Severity - 6.4 (Medium)
PYSEC-2025-69
  • PyPI/roundup
 See record for full details 4 days ago
  • Fix available
MAL-2025-5837
  • PyPI/test-package-avinav
 Malicious code in test-package-avinav (PyPI) 6 days ago
  • No fix available
GHSA-h952-963h-rv99
  • PyPI/executorch
 ExecuTorch vulnerable to Heap-based Buffer Overflow attack 6 days ago
  • No fix available
  • Severity - 8.1 (High)
GHSA-37mw-44qp-f5jm
  • PyPI/transformers
 Transformers is vulnerable to ReDoS attack through its DonutProcessor class 6 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-5hq9-5r78-2gjh
  • PyPI/llama-index
  • PyPI/llama-index-readers-docugami
 LlamaIndex vulnerable to data loss through hash collisions in its DocugamiReader class 10 Jul
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-x698-5hjm-w2m5
  • PyPI/pyload-ng
 pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages 08 Jul
  • No fix available
  • Severity - 7.5 (High)
GHSA-j47q-rc62-w448
  • PyPI/fastapi-guard
 fastapi-guard is vulnerable to ReDoS through inefficient regex 07 Jul
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-q93c-p2mw-p23f
  • PyPI/dagster
 Dagster vulnerable to Path Traversal attack through its /logs endpoint 07 Jul
  • Fix available
  • Severity - 4.4 (Medium)
GHSA-2rhq-96q8-4vjq
  • PyPI/llama-index-core
 LlamaIndex vulnerable to Path Traversal attack through its encode_image function 07 Jul
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2025-65
  • PyPI/llama-index
  • github.com/run-llama/llama_index
 See record for full details 07 Jul
  • Fix available
Load more...