Vulnerabilities

ID
Packages
Summary
Published
Attributes
MAL-2026-2255
  • PyPI/thisismytest123
Malicious code in thisismytest123 (PyPI) 7 hours ago
  • No fix available
MAL-2026-2254
  • PyPI/telnyx
Malicious code in telnyx (PyPI) 10 hours ago
  • No fix available
GHSA-wcjx-v2wj-xg87
  • PyPI/c2cciutils
C2C CI utils is vulnerable to DoS via pyasn dependency (CVE-2026-30922) 16 hours ago
  • Fix available
  • Severity - 7.5 (High)
MAL-2026-2245
  • PyPI/requests-testik111
Malicious code in requests-testik111 (PyPI) 17 hours ago
  • No fix available
MAL-2026-2244
  • PyPI/fluxhttp
Malicious code in fluxhttp (PyPI) 18 hours ago
  • No fix available
MAL-2026-2242
  • PyPI/somepentest-test-package
Malicious code in somepentest-test-package (PyPI) 19 hours ago
  • No fix available
GHSA-v8hw-mh8c-jxfc
  • PyPI/langflow
Langflow has Authenticated Code Execution in Agentic Assistant Validation 20 hours ago
  • Fix available
  • Severity - 9.3 (Critical)
MAL-2026-2239
  • PyPI/chaostoolkit-turbulence
Malicious code in chaostoolkit-turbulence (PyPI) 22 hours ago
  • No fix available
MAL-2026-2240
  • PyPI/magtape
Malicious code in magtape (PyPI) 22 hours ago
  • No fix available
MAL-2026-2241
  • PyPI/pacbot
Malicious code in pacbot (PyPI) 22 hours ago
  • No fix available
MAL-2026-2233
  • PyPI/lightmock
Malicious code in lightmock (PyPI) yesterday
  • No fix available
GHSA-jfjg-vc52-wqvf
  • PyPI/bentoml
BentoML has Dockerfile Command Injection via system_packages in bentofile.yaml yesterday
  • Fix available
  • Severity - 7.8 (High)
GHSA-7h8w-hj9j-8rjw
  • PyPI/openhands
OpenHands is Vulnerable to Command Injection through its Git Diff Handler yesterday
  • Fix available
  • Severity - 7.6 (High)
GHSA-7p48-42j8-8846
  • PyPI/streamlit
Unauthenticated SSRF Vulnerability in Streamlit on Windows (NTLM Credential Exposure) yesterday
  • Fix available
  • Severity - 4.7 (Medium)
GHSA-87mj-5ggw-8qc3
  • PyPI/pypdf
pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream yesterday
  • Fix available
  • Severity - 4.6 (Medium)
GHSA-wwv8-cqpr-vx3m
  • PyPI/modoboa
Modoboa has OS Command Injection yesterday
  • Fix available
  • Severity - 7.2 (High)