pypi
4,986 tracked vulnerabilities.
CVE-2025-15504
LOW
LIEF < 0.17.2 - Null Pointer Dereference in ELF Binary Parser
Jan 10, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-68158
MEDIUM
Authlib 1.0.0-1.6.5 - Cross-Site Request Forgery via Cache-Backed State Storage
Jan 08, 2026
CVSS 5.7
EPSS 0.00
CVE-2025-15346
CRITICAL
wolfssl-py <= 5.8.2 - Improper Authentication via Missing WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT Flag
Jan 08, 2026
EPSS 0.00
CVE-2025-61492
CRITICAL
Terminal-Controller-MCP 0.1.7 - Command Injection
Jan 07, 2026
CVSS 10.0
EPSS 0.02
CVE-2025-69230
MEDIUM
aiohttp < 3.13.3 - Logging of Excessive Data via Cookie Header
Jan 06, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-69229
MEDIUM
aiohttp < 3.13.3 - Denial of Service via Chunked Message Handling
Jan 06, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-69228
HIGH
aiohttp < 3.13.3 - Denial of Service via Request.post() Memory Exhaustion
Jan 06, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-69227
HIGH
aiohttp < 3.13.3 - Denial of Service via POST Body Processing
Jan 06, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-69225
MEDIUM
aiohttp < 3.13.3 - HTTP Request Smuggling via Range Header
Jan 06, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-69226
MEDIUM
aiohttp < 3.13.3 - Path Traversal in Static File Path Normalization
Jan 05, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-69224
MEDIUM
aiohttp < 3.13.3 - HTTP Request Smuggling via Non-ASCII Character Bypass
Jan 05, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-69223
HIGH
aiohttp < 3.13.3 - Denial of Service via Zip Bomb Decompression
Jan 05, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-67303
HIGH
NUCLEI
ComfyUI-Manager <3.38 - Info Disclosure
Jan 05, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-11157
HIGH
feast < 0.54.0 - Remote Code Execution via YAML Deserialization in Kubernetes Materializer
Jan 01, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-34469
HIGH
Cowrie < 2.9.0 - Unauthenticated Server-Side Request Forgery via wget and curl Emulation
Dec 31, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-69277
MEDIUM
libsodium <ad3004e - Memory Corruption
Dec 31, 2025
CVSS 4.5
EPSS 0.00
CVE-2025-68131
HIGH
cbor2 3.0.0-5.7.9 - Information Exposure via Shared Reference Tag
Dec 31, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-67729
HIGH
LMDeploy < 0.11.1 - Remote Code Execution via Insecure PyTorch Model Deserialization
Dec 26, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-68664
CRITICAL
LangChain <0.3.81 and 1.2.5 - Code Injection
Dec 23, 2025
CVSS 9.3
EPSS 0.14
CVE-2025-14931
CRITICAL
Hugging Face smolagents - Deserialization
Dec 23, 2025
CVSS 10.0
EPSS 0.01
CVE-2025-65713
MEDIUM
Home Assistant Core <2025.8.0 - Path Traversal
Dec 23, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-67743
MEDIUM
local-deep-research 1.3.0-1.3.8 - Server-Side Request Forgery via Download Service
Dec 23, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-68480
MEDIUM
marshmallow 3.0.0rc1-3.26.1 and 4.0.0-4.1.1 - Denial of Service via Schema.load
Dec 22, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-68481
MEDIUM
fastapi-users < 15.0.2 - Login Cross-Site Request Forgery via OAuth State Token
Dec 19, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-68478
HIGH
langflow < 1.7.0 - Arbitrary File Write via Unrestricted fs_path Parameter
Dec 19, 2025
CVSS 7.1
EPSS 0.04
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 91
mlflow 76
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters