pypi
4,987 tracked vulnerabilities.
CVE-2025-66448
HIGH
vllm < 0.11.1 - Remote Code Execution via Nemotron_Nano_VL_Config Auto-Map Instantiation
Dec 01, 2025
CVSS 7.1
EPSS 0.01
CVE-2025-66424
MEDIUM
Tryton trytond <7.6.11 - Info Disclosure
Nov 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-66423
HIGH
Tryton trytond <6.0-7.6.11 - Info Disclosure
Nov 30, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-66422
MEDIUM
Tryton trytond <7.6.11 - Info Disclosure
Nov 30, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-66221
MEDIUM
Werkzeug < 3.1.4 - Denial of Service via Windows Device Name Path Handling
Nov 29, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-66034
MEDIUM
fonttools 4.33.0-4.60.1 - Remote Code Execution via Malicious .designspace File Processing
Nov 29, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-12638
HIGH
Keras < 3.12.0 - Path Traversal and Arbitrary File Write via tarfile.extractall()
Nov 28, 2025
CVSS 8.0
EPSS 0.01
CVE-2025-66371
MEDIUM
Peppol-py < 1.1.1 - XML External Entity Injection via Saxon Configuration
Nov 28, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-13742
MEDIUM
pretix < 2025.7.2 - Email Content Spoofing via Attendee Name Placeholder
Nov 27, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-66040
LOW
Spotipy < 2.25.2 - Cross-Site Scripting via OAuth Error Parameter
Nov 27, 2025
CVSS 3.6
EPSS 0.00
CVE-2025-62593
CRITICAL
Ray < 2.52.0 - Remote Code Execution via DNS Rebinding and User-Agent Spoofing
Nov 26, 2025
EPSS 0.00
CVE-2025-65681
LOW
Overhang.IO <20.0.2 - Info Disclosure
Nov 26, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-66019
MEDIUM
pypdf < 6.4.0 - Uncontrolled Resource Consumption via LZWDecode Filter
Nov 26, 2025
EPSS 0.00
CVE-2025-62703
HIGH
Fugue < 0.9.1 - Remote Code Execution via Pickle Deserialization
Nov 25, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-13609
HIGH
Keylime < 7.13.0 - Agent Identity Overwrite via Duplicate UUID Registration
Nov 24, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-65106
HIGH
langchain-core 1.0.0-1.0.6 - Template Injection via Untrusted Template Strings
Nov 21, 2025
EPSS 0.00
CVE-2025-62609
HIGH
MLX < 0.29.4 - Denial of Service via Malicious GGUF File Loading
Nov 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-62608
CRITICAL
MLX < 0.29.4 - Heap-based Buffer Overflow in NumPy File Parser
Nov 21, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-62426
MEDIUM
vLLM 0.5.5-0.11.1 - Denial of Service via Unvalidated chat_template_kwargs Parameter
Nov 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62372
MEDIUM
vLLM 0.5.5-0.11.1 - Denial of Service via Multimodal Embedding Input Shape Mismatch
Nov 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-62164
HIGH
vLLM 0.10.2-0.11.1 - Remote Code Execution via Malicious Prompt Embedding Tensors
Nov 21, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-65015
HIGH
joserfc 1.3.3-1.3.4 and 1.4.0-1.4.1 - Denial of Service via Large JWT Payload
Nov 18, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-60455
HIGH
Modular Max Serve <25.6 - Code Injection
Nov 18, 2025
CVSS 8.4
EPSS 0.00
CVE-2025-65073
HIGH
OpenStack Keystone < 26.0.1, 27.0.0, 28.0.0 - Incorrect Authorization via AWS Signature
Nov 17, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-12765
HIGH
pgAdmin <= 9.9 - Improper Certificate Validation in LDAP Authentication
Nov 13, 2025
CVSS 7.5
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 91
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters