pypi

4,987 tracked vulnerabilities.

CVE-2025-59152 HIGH
Litestar 2.17.0 - Rate Limit Bypass via X-Forwarded-For Header Manipulation
Oct 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-8917 MEDIUM
clearml < 2.0.2 - Path Traversal and Arbitrary File Write via Symbolic and Hard Link Handling
Oct 05, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-8406 HIGH
ZenML 0.83.1 - Path Traversal and Arbitrary File Write via PathMaterializer
Oct 05, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-61677 LOW
DataChain < 0.34.2 - Remote Code Execution via Untrusted Data Deserialization
Oct 03, 2025
CVSS 2.5
EPSS 0.00
CVE-2025-53354 MEDIUM
NiceGUI < 3.0.0 - Cross-Site Scripting via ui.html()
Oct 03, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-60787 HIGH
MotionEye <= 0.43.1b4 - Authenticated Configuration Command Injection
Oct 03, 2025
CVSS 7.2
EPSS 0.19
CVE-2025-59682 LOW
Django 4.2-4.2.24, 5.1-5.1.12, 5.2-5.2.6 - Relative Path Traversal via Archive Extraction
Oct 01, 2025
CVSS 3.1
EPSS 0.01
CVE-2025-59681 HIGH
Django 4.2-4.2.24, 5.1-5.1.12, 5.2-5.2.6 - SQL Injection via Column Alias Dictionary Expansion
Oct 01, 2025
CVSS 7.1
EPSS 0.01
CVE-2025-57275 MEDIUM
SPDK < 25.9 - Buffer Overflow in NVMe-oF Target Component
Oct 01, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-61622 CRITICAL
pyfory 0.12.0-0.12.2 and pyfury 0.1.0-0.10.3 - Remote Code Execution via Pickle Deserialization
Oct 01, 2025
CVSS 9.8
EPSS 0.41
CVE-2025-59940 MEDIUM
mkdocs-include-markdown-plugin < 7.1.8 - Improper Input Validation
Sep 29, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-7647 HIGH
Llama-index-core <0.12.44 - Info Disclosure
Sep 27, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-59842 MEDIUM
JupyterLab <4.4.8 - Info Disclosure
Sep 26, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-54831 MEDIUM
Apache Airflow <3.0.3 - Info Disclosure
Sep 26, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-11000 LOW
Open Babel <3.1.1 - Null Pointer Dereference
Sep 26, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-10999 LOW
Open Babel <3.1.1 - Null Pointer Dereference
Sep 26, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-10998 LOW
Open Babel <3.1.1 - Null Pointer Dereference
Sep 26, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-10997 MEDIUM
Open Babel <3.1.1 - Buffer Overflow
Sep 26, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10996 MEDIUM
Open Babel <3.1.1 - Buffer Overflow
Sep 26, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10995 MEDIUM
Open Babel <3.1.1 - Memory Corruption
Sep 26, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10994 MEDIUM
Open Babel < 3.1.1 - Use-After-Free in GAMESSOutputFormat::ReadMolecule
Sep 26, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10952 MEDIUM
geyang ml-logger < acf255b - Sensitive Information Exposure via stream_handler
Sep 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-10951 HIGH
geyang ml-logger - Path Traversal via File Argument in log_handler
Sep 25, 2025
CVSS 7.3
EPSS 0.01
CVE-2025-10950 MEDIUM
geyang ml-logger < acf255bade5be6ad88d90735c8367b28cbe3a743 - Remote Code Execution via Deserialization in Ping Handler
Sep 25, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-55178 MEDIUM
Llama Stack < 0.2.20 - Remote Code Execution via Unverified Parameters in resolve_ast_by_type
Sep 24, 2025
CVSS 5.3
EPSS 0.00