Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / pypi

pypi

4,708 tracked vulnerabilities.

CVE-2025-3108 HIGH

Llamaindex < 0.12.41 - Remote Code Execution

CVE-2025-53366 HIGH

mcp < 1.9.4 - Denial of Service via Malformed Request Validation Error

CVE-2025-53365 HIGH

MCP Python SDK <1.10.0 - Use After Free

CVE-2025-48379 HIGH

Pillow 11.2.0-11.2.9 - Heap-based Buffer Overflow in DDS Image Writing

CVE-2025-6855 MEDIUM

Langchain-Chatchat <0.3.1 - Path Traversal

CVE-2025-6854 MEDIUM

Langchain-Chatchat <0.3.1 - Path Traversal

CVE-2025-6853 MEDIUM

Langchain-Chatchat <0.3.1 - Path Traversal

CVE-2025-6773 MEDIUM

HKUDS LightRAG < 1.3.8 - Path Traversal via File Upload

CVE-2025-53002 HIGH

LLaMA-Factory <= 0.9.3 - Remote Code Execution via Malicious Checkpoint Path Parameter

CVE-2025-50213 CRITICAL

Apache Airflow Providers Snowflake <6.4.0 - Special Element Injection

CVE-2025-52558 HIGH

changedetection.io < 0.50.4 - Cross-Site Scripting via Filter Error Handling

CVE-2025-2828 CRITICAL

langchain < 0.0.28 - Server-Side Request Forgery via RequestsToolkit

CVE-2025-6518 MEDIUM

PySpur-Dev <0.1.18 - Improper Neutralization

CVE-2025-52967 MEDIUM

MLflow < 3.1.0 - Server-Side Request Forgery via Gateway Path Validation Bypass

CVE-2025-52556 CRITICAL

rfc3161-client < 1.0.3 - Improper Verification of Cryptographic Signature

CVE-2025-6279 MEDIUM

Upsonic < 0.55.6 - Remote Code Execution via cloudpickle.loads Deserialization

CVE-2025-6278 MEDIUM

upsonic < 0.55.6 - Path Traversal via file.filename Argument

CVE-2025-50182 MEDIUM

urllib3 2.2.0-2.5.0 - Open Redirect via Pyodide Runtime

CVE-2025-50181 MEDIUM

urllib3 < 2.5.0 - Open Redirect via PoolManager Retry Configuration

CVE-2025-6050 MEDIUM

Mezzanine < 6.1.1 - Authenticated Stored Cross-Site Scripting via Blog Post Title in Admin Interface

CVE-2025-6167 MEDIUM

python-a2a < 0.5.6 - Path Traversal in create_workflow Function

CVE-2025-49134 MEDIUM

Weblate < 5.12 - Unauthorized Exposure of User IP Address in Audit Log Notifications

CVE-2025-47951 MEDIUM

Weblate < 5.12 - Excessive Authentication Attempts via Second Factor Endpoint

CVE-2025-4565 MEDIUM

protobuf-python < 4.25.8 - Denial of Service via Recursive Protocol Buffers Parsing

CVE-2025-22242 MEDIUM

Salt 3006.x < 3006.12 and 3007.x < 3007.4 - Denial of Service via File Read Operation

Previous Page 45 of 189 Next

Products

tensorflow 427 tensorflow-gpu 421 tensorflow-cpu 417 Django 147 apache-airflow 111 Plone 96 open-webui 86 mlflow 70 apache-superset 67 salt 67 ansible 66 pillow 52 nova 48 gradio 46 rdiffweb 43 matrix-synapse 42 pyload-ng 41 vyper 39 vllm 38 keystone 36 moin 35 aiohttp 33 opencv-contrib-python 30 opencv-python 30 PraisonAI 27 pgadmin4 26 pypdf 24 glance 22 langflow 22 ethyca-fides 21

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy