pypi

4,708 tracked vulnerabilities.

CVE-2025-51481 MEDIUM
Dagster < 1.10.16 - Local File Inclusion via Notebook Path Traversal
Jul 22, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-53528 HIGH
Cadwyn < 5.4.3 - Reflected Cross-Site Scripting via Docs Endpoint Version Parameter
Jul 21, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-54121 MEDIUM
Starlette < 0.47.2 - Denial of Service via Large File Upload
Jul 21, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-7885 MEDIUM
Huashengdun WebSSH < 1.6.2 - Cross-Site Scripting via Login Page Hostname/Port Parameter
Jul 20, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53890 CRITICAL
pyLoad CAPTCHA Processing - Unsafe JavaScript Evaluation Code Execution
Jul 15, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-53643 HIGH
AIOHTTP <3.12.14 - Request Smuggling
Jul 14, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-53640 MEDIUM
Indico 2.2-3.3.6 - Unauthenticated User Information Disclosure via User Detail Endpoint
Jul 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-29606 MEDIUM
py-libp2p < 0.2.3 - Denial of Service via Large RSA Key
Jul 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-53865 MEDIUM
Roundup < 2.5.0 - Cross-Site Scripting via Issue Tracker Templates
Jul 13, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-30402 HIGH
ExecuTorch - Heap Buffer Overflow in Method Loading
Jul 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-3933 MEDIUM
Hugging Face Transformers <4.50.3 - DoS
Jul 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-6211 MEDIUM
run-llama/llama_index <0.12.28 - Info Disclosure
Jul 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-7346 HIGH
pyload-ng - Unauthenticated Arbitrary Package Creation via Localhost Restriction Bypass
Jul 08, 2025
EPSS 0.01
CVE-2025-53539 HIGH
FastAPI Guard <3.0.1 - Buffer Overflow
Jul 07, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6209 HIGH
run-llama/llama_index <0.12.27 - Path Traversal
Jul 07, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6386 HIGH
parisneo/lollms < 20.1 - Timing Attack via Password Comparison in authenticate_user
Jul 07, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6210 MEDIUM
run-llama/llama_index <0.12.27 - Path Traversal
Jul 07, 2025
CVSS 6.2
EPSS 0.00
CVE-2025-5472 MEDIUM
run-llama/llama_index <0.12.28 - Buffer Overflow
Jul 07, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-3777 LOW
Hugging Face Transformers <4.49.0 - Info Disclosure
Jul 07, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-3264 MEDIUM
Hugging Face Transformers <4.51.0 - DoS
Jul 07, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-3263 MEDIUM
Hugging Face Transformers <4.51.0 - DoS
Jul 07, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-3262 HIGH
huggingface/transformers <4.49.0 - DoS
Jul 07, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-3225 HIGH
run-llama/llama_index <v0.12.21 - DoS
Jul 07, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-3046 HIGH
llamaindex 0.12.23-0.12.28 - Arbitrary File Read via ObsidianReader Symlink Handling
Jul 07, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-3044 MEDIUM
run-llama/llama_index <0.12.22.post1 - Info Disclosure
Jul 07, 2025
CVSS 5.3
EPSS 0.00
Products
tensorflow 427 tensorflow-gpu 421 tensorflow-cpu 417 Django 147 apache-airflow 111 Plone 96 open-webui 86 mlflow 70 apache-superset 67 salt 67 ansible 66 pillow 52 nova 48 gradio 46 rdiffweb 43 matrix-synapse 42 pyload-ng 41 vyper 39 vllm 38 keystone 36 moin 35 aiohttp 33 opencv-contrib-python 30 opencv-python 30 PraisonAI 27 pgadmin4 26 pypdf 24 glance 22 langflow 22 ethyca-fides 21
Quick Filters
Critical CVEs With Exploits In CISA KEV