pypi
4,708 tracked vulnerabilities.
CVE-2025-58756
HIGH
MONAI < 1.5.0 - Deserialization of Untrusted Data via Checkpoint Loading
Sep 09, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-58755
HIGH
MONAI < 1.5.0 - Path Traversal via Zip File Extraction
Sep 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-57817
HIGH
Fides < 2.69.1 - Missing Authorization in OAuth Client Scope Assignment
Sep 08, 2025
CVSS 7.2
EPSS 0.00
CVE-2025-57816
HIGH
Fides < 2.69.1 - Denial of Service via Ineffective IP-Based Rate Limiting
Sep 08, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-57815
MEDIUM
Fides < 2.69.1 - Excessive Authentication Attempts via Admin UI Login Endpoint
Sep 08, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-57766
MEDIUM
Fides < 2.69.1 - Insufficient Session Expiration after Password Change
Sep 08, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-58446
HIGH
xgrammar >=0.1.23 <0.1.24 - Denial of Service via Grammar Optimizer
Sep 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58438
CRITICAL
internetarchive <5.5.0 - Path Traversal
Sep 06, 2025
EPSS 0.04
CVE-2025-58367
CRITICAL
deepdiff 5.0.0-8.6.0 - Remote Code Execution via Delta Class Pollution and Pickle Deserialization
Sep 05, 2025
EPSS 0.00
CVE-2025-55671
HIGH
TkEasyGUI < 1.0.22 - Uncontrolled Search Path Element
Sep 05, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-55037
CRITICAL
TkEasyGUI <1.0.22 - Command Injection
Sep 05, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-58352
MEDIUM
Weblate < 5.13.1 - Insufficient Session Expiration during Second Factor Verification
Sep 05, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-9636
HIGH
pgAdmin <= 9.7 - Cross-Origin Opener Policy Bypass via OAuth Flow Manipulation
Sep 04, 2025
CVSS 7.9
EPSS 0.00
CVE-2025-6984
HIGH
NUCLEI
langchain-community < 0.3.27 - XML External Entity Injection in EverNoteLoader
Sep 04, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-57833
HIGH
Django 4.2-4.2.23, 5.1-5.1.11, 5.2-5.2.5 - SQL Injection via FilteredRelation Column Aliases
Sep 03, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-58162
MEDIUM
Mobile Security Framework 4.4.0 - Authenticated Path Traversal and Arbitrary File Write via Malicious APK Upload
Sep 02, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-58161
MEDIUM
Mobile Security Framework 4.4.0 - Authenticated Directory Traversal via Download Route
Sep 02, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-57808
HIGH
NUCLEI
ESPHome < 2025.8.1 - Unauthenticated Authentication Bypass via Empty or Substring Authorization Header
Sep 02, 2025
CVSS 8.1
EPSS 0.05
CVE-2025-58068
CRITICAL
eventlet < 0.40.3 - HTTP Request Smuggling via WSGI Trailer Handling
Aug 29, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-55304
MEDIUM
Exiv2 < 0.28.6 - Denial of Service via Crafted JPEG ICC Profile
Aug 29, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-54080
MEDIUM
exiv2 < 0.28.6 - Out-of-bounds Read
Aug 29, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-57809
HIGH
XGrammar < 0.1.21 - Uncontrolled Recursion
Aug 25, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-57804
MEDIUM
h2 <4.3.0 - Request Smuggling
Aug 25, 2025
EPSS 0.00
CVE-2025-57760
HIGH
Langflow - Authenticated Privilege Escalation via Internal CLI Command
Aug 25, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-5302
HIGH
llama-index-core < 0.12.38 - Denial of Service via JSONReader Recursion
Aug 25, 2025
CVSS 8.6
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21
Quick Filters