pypi
4,998 tracked vulnerabilities.
CVE-2025-0190
HIGH
aim 3.25.0 - Denial of Service via Excessive Text Object Queries
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-0189
HIGH
aimstack aim 3.25.0 - Denial of Service via Large WebSocket Image Upload
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-29783
CRITICAL
vllm 0.6.5-0.7.9 - Remote Code Execution via Unsafe Mooncake Deserialization
Mar 19, 2025
CVSS 9.0
EPSS 0.01
CVE-2025-29770
MEDIUM
vllm < 0.8.0 - Denial of Service via Outlines Grammar Cache Exhaustion
Mar 19, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-27018
MEDIUM
Apache Airflow MySQL Provider <6.2.0 - SQL Injection
Mar 19, 2025
CVSS 6.3
EPSS 0.01
CVE-2025-1057
MEDIUM
Keylime 7.12.0 - Denial of Service via Agent Registration Type Mismatch
Mar 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-29780
MEDIUM
Post-Quantum Secure Feldman's Verifiable Secret Sharing <0.8.0b2 - ...
Mar 14, 2025
EPSS 0.00
CVE-2025-29779
MEDIUM
Post-Quantum Secure Feldman's Verifiable Secret Sharing <0.8.0b2 - ...
Mar 14, 2025
EPSS 0.00
CVE-2025-2000
CRITICAL
Qiskit 0.18.0-1.4.1 - Remote Code Execution via QPY Deserialization
Mar 14, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-24986
MEDIUM
Azure PromptFlow Core < 1.17.2 and PromptFlow Tools < 1.6.0 - Unauthenticated Remote Code Execution
Mar 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-1550
CRITICAL
NUCLEI
Keras 3.0.0-3.8.0 and 3.9.0 - Remote Code Execution via Malicious .keras Archive
Mar 11, 2025
CVSS 9.8
EPSS 0.03
CVE-2025-1497
CRITICAL
PlotAI < 0.0.7 - Remote Code Execution via Unvalidated LLM Output
Mar 10, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-2149
LOW
PyTorch 2.6.0+cu124 - Improper Initialization
Mar 10, 2025
CVSS 2.5
EPSS 0.00
CVE-2025-2148
MEDIUM
PyTorch 2.6.0+cu124 - Memory Corruption
Mar 10, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-1945
CRITICAL
picklescan < 0.0.23 - Insufficient Verification of Data Authenticity via ZIP File Header Bit Manipulation
Mar 10, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-1944
MEDIUM
PickleScan <0.0.23 - Code Injection
Mar 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-26699
MEDIUM
Django 4.2-5.1 - Denial of Service via django.utils.text.wrap()
Mar 06, 2025
CVSS 5.0
EPSS 0.01
CVE-2025-1979
MEDIUM
Ray < 2.43.0 - Sensitive Information Disclosure via Redis Password Logging
Mar 06, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-27516
HIGH
Jinja < 3.1.6 - Remote Code Execution via |attr Filter Sandbox Bypass
Mar 05, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-25362
CRITICAL
spacy-llm < 0.7.3 - Server-Side Template Injection via Template Field
Mar 05, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-1889
CRITICAL
picklescan <0.0.22 - Info Disclosure
Mar 03, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-25302
MEDIUM
rembg < 2.0.57 - Origin Validation Error in CORS Middleware
Mar 03, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-25301
HIGH
rembg < 2.0.57 - Server-Side Request Forgery via /api/remove URL Parameter
Mar 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-24023
LOW
Flask-AppBuilder < 4.5.3 - Unauthenticated Username Enumeration via Timing Attack
Mar 03, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-1300
MEDIUM
CodeChecker <= 6.24.5 - Open Redirect via Multiple Slashes Bypass
Feb 28, 2025
CVSS 6.1
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 92
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters