pypi

4,707 tracked vulnerabilities.

CVE-2026-4810 CRITICAL NUCLEI
Remote Code Execution in Google Agent Development Kit (ADK)
Apr 13, 2026
EPSS 0.05
CVE-2026-6111 MEDIUM
FoundationAgents MetaGPT common.py decode_image server-side request forgery
Apr 12, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6110 HIGH
FoundationAgents MetaGPT Tree-of-Thought Solver tot.py generate_thoughts code injection
Apr 12, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6109 MEDIUM
FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery
Apr 12, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5059 CRITICAL
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
Apr 11, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-40178 MEDIUM
ajenti.plugin.core has race conditions in 2FA
Apr 10, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-40177 HIGH
Password bypass when 2FA is activated
Apr 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-40162 HIGH
Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble
Apr 10, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-40160 MEDIUM
PraisonAIAgents has SSRF via unvalidated URL in `web_crawl` httpx fallback
Apr 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40159 MEDIUM
PraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess Execution
Apr 10, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40158 HIGH
PraisonAI has Improper Control of Generation of Code ('Code Injection') and Protection Mechanism Failure in praisonai
Apr 10, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-40157 CRITICAL
PraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack`
Apr 10, 2026
EPSS 0.00
CVE-2026-40156 HIGH
PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading
Apr 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-40086 MEDIUM
Rembg has a Path Traversal via Custom Model Loading
Apr 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40217 HIGH
LiteLLM < 2026-04-08 - Remote Code Execution via Guardrails Test Custom Code Endpoint
Apr 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-1115 CRITICAL
Stored XSS in parisneo/lollms
Apr 10, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-33551 LOW
OpenStack Keystone <26.1.1 - Privilege Escalation
Apr 10, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-40154 CRITICAL
PraisonAI Affected by Untrusted Remote Template Code Execution
Apr 09, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-40153 HIGH
PraisonAIAgents Affected by Environment Variable Secret Exfiltration via os.path.expandvars() Bypassing shell=False in Shell Tool
Apr 09, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-40152 MEDIUM
PraisonAIAgents has a Path Traversal via Unvalidated Glob Pattern in list_files Bypasses Workspace Boundary
Apr 09, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40151 MEDIUM
PraisonAI Affected by Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOS
Apr 09, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40150 HIGH
PraisonAIAgents has SSRF and Local File Read via Unvalidated URLs in web_crawl Tool
Apr 09, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-40149 HIGH
PraisonAI has an Unauthenticated Allow-List Manipulation Bypasses Agent Tool Approval Safety Controls
Apr 09, 2026
CVSS 7.9
EPSS 0.00
CVE-2026-40148 MEDIUM
PraisonAI Affected by Decompression Bomb DoS via Recipe Bundle Extraction Without Size Limits
Apr 09, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40117 MEDIUM
PraisonAIAgents Affected by Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate
Apr 09, 2026
CVSS 6.2
EPSS 0.00