pypi
4,986 tracked vulnerabilities.
CVE-2025-65719
CRITICAL
Kubectl MCP Server 1.1.1 - Remote Code Execution
May 12, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-55449
HIGH
AstrBotDevs AstrBot 3.5.15 - Auth Bypass
May 08, 2026
CVSS 7.3
EPSS 0.00
CVE-2025-61669
MEDIUM
jupyter_server next parameter open redirect can redirect users to external domains
May 05, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-67796
HIGH
IKUS Rdiffweb <2.10.5 - Privilege Escalation
May 04, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-13030
HIGH
django-mdeditor < 0.1.20 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Image Upload Endpoint
Apr 30, 2026
CVSS 7.1
EPSS 0.00
CVE-2025-62373
CRITICAL
Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer
Apr 23, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-66335
MEDIUM
Apache Doris MCP Server: MCP SQL inject
Apr 20, 2026
CVSS 5.3
EPSS 0.01
CVE-2025-54550
HIGH
Apache Airflow: RCE by race condition in example_xcom dag
Apr 15, 2026
CVSS 8.1
EPSS 0.01
CVE-2025-66236
HIGH
Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI
Apr 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-57735
CRITICAL
Apache Airflow: Airflow Logout Not Invalidating JWT
Apr 09, 2026
CVSS 9.1
EPSS 0.01
CVE-2025-64340
MEDIUM
FastMCP <3.2.0 Gemini CLI Install - Command Injection
Apr 03, 2026
CVSS 6.7
EPSS 0.01
CVE-2025-15379
CRITICAL
Command Injection in mlflow/mlflow
Mar 30, 2026
CVSS 9.8
EPSS 0.02
CVE-2025-15036
CRITICAL
Path Traversal Vulnerability in mlflow/mlflow
Mar 30, 2026
CVSS 10.0
EPSS 0.01
CVE-2025-15381
HIGH
Unauthorized Access to Tracing and Assessment Endpoints in mlflow/mlflow
Mar 27, 2026
CVSS 7.1
EPSS 0.00
CVE-2025-70887
HIGH
Signify <0.9.2 - Privilege Escalation
Mar 25, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-15031
CRITICAL
Path Traversal Vulnerability in mlflow/mlflow
Mar 18, 2026
CVSS 9.1
EPSS 0.01
CVE-2025-69196
MEDIUM
FastMCP OAuth Proxy token reuse across MCP servers
Mar 16, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-14287
HIGH
mlflow/mlflow <3.7.0 - Command Injection
Mar 16, 2026
CVSS 8.8
EPSS 0.01
CVE-2025-69219
HIGH
apache-airflow-providers-http < 6.0.0 - Authenticated Remote Code Execution via Crafted Database Entry
Mar 09, 2026
CVSS 8.8
EPSS 0.01
CVE-2025-45691
HIGH
RAGAS 0.2.3-0.2.14 - Path Traversal
Mar 05, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-69534
HIGH
Python-Markdown < 3.8.1 - Unauthenticated Denial of Service via Malformed HTML-like Sequence
Mar 05, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-27555
MEDIUM
Apache Airflow < 2.11.1 - Authenticated Sensitive Information Exposure in Audit Logs
Feb 24, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-65995
MEDIUM
Airflow <3.1.4/2.11.1 - Info Disclosure
Feb 21, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-14009
HIGH
nltk < 3.9.3 - Remote Code Execution via Malicious Zip Package Extraction
Feb 18, 2026
CVSS 8.8
EPSS 0.01
CVE-2025-33253
HIGH
NVIDIA NeMo Framework <=2.6.1 - Malicious File Deserialization Remote Code Execution
Feb 18, 2026
CVSS 7.8
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 91
mlflow 76
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters