pypi
4,980 tracked vulnerabilities.
CVE-2026-34225
MEDIUM
Open WebUI has Blind Server Side Request Forgery in its Image Edit Functionality
Apr 14, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-33858
HIGH
Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (__type/__var) Bypass in XCom API
Apr 13, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1462
HIGH
Safe Mode Bypass in keras-team/keras
Apr 13, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-4810
CRITICAL
NUCLEI
Remote Code Execution in Google Agent Development Kit (ADK)
Apr 13, 2026
EPSS 0.02
CVE-2026-6111
MEDIUM
FoundationAgents MetaGPT common.py decode_image server-side request forgery
Apr 12, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-6110
HIGH
FoundationAgents MetaGPT Tree-of-Thought Solver tot.py generate_thoughts code injection
Apr 12, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-6109
MEDIUM
FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery
Apr 12, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-5059
CRITICAL
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
Apr 11, 2026
CVSS 9.8
EPSS 0.02
CVE-2026-40178
MEDIUM
ajenti.plugin.core <0.112 2FA - Race Condition
Apr 10, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-40177
HIGH
Password bypass when 2FA is activated
Apr 10, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-39922
MEDIUM
GeoNode < 4.4.5, 5.0.2 SSRF via Service Registration
Apr 10, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-40162
HIGH
Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble
Apr 10, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-40160
MEDIUM
PraisonAIAgents has SSRF via unvalidated URL in `web_crawl` httpx fallback
Apr 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-40159
MEDIUM
PraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess Execution
Apr 10, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-40158
HIGH
PraisonAI has Improper Control of Generation of Code ('Code Injection') and Protection Mechanism Failure in praisonai
Apr 10, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-40157
HIGH
PraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack`
Apr 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-40156
HIGH
PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading
Apr 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-40086
MEDIUM
Rembg <2.0.75 Custom Model Loading - Path Traversal
Apr 10, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-40217
HIGH
LiteLLM < 2026-04-08 - Remote Code Execution via Guardrails Test Custom Code Endpoint
Apr 10, 2026
CVSS 8.8
EPSS 0.06
CVE-2026-1115
CRITICAL
Stored XSS in parisneo/lollms
Apr 10, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-33551
LOW
OpenStack Keystone <26.1.1 - Privilege Escalation
Apr 10, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-40154
CRITICAL
PraisonAI Affected by Untrusted Remote Template Code Execution
Apr 09, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-40153
HIGH
PraisonAIAgents Affected by Environment Variable Secret Exfiltration via os.path.expandvars() Bypassing shell=False in Shell Tool
Apr 09, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-40152
MEDIUM
PraisonAIAgents <1.5.128 list_files Glob Pattern - Path Traversal
Apr 09, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-40151
MEDIUM
NUCLEI
PraisonAI Affected by Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOS
Apr 09, 2026
CVSS 5.3
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 91
mlflow 76
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 47
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters