pypi

4,998 tracked vulnerabilities.

CVE-2025-0190 HIGH
aim 3.25.0 - Denial of Service via Excessive Text Object Queries
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-0189 HIGH
aimstack aim 3.25.0 - Denial of Service via Large WebSocket Image Upload
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-29783 CRITICAL
vllm 0.6.5-0.7.9 - Remote Code Execution via Unsafe Mooncake Deserialization
Mar 19, 2025
CVSS 9.0
EPSS 0.01
CVE-2025-29770 MEDIUM
vllm < 0.8.0 - Denial of Service via Outlines Grammar Cache Exhaustion
Mar 19, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-27018 MEDIUM
Apache Airflow MySQL Provider <6.2.0 - SQL Injection
Mar 19, 2025
CVSS 6.3
EPSS 0.01
CVE-2025-1057 MEDIUM
Keylime 7.12.0 - Denial of Service via Agent Registration Type Mismatch
Mar 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-29780 MEDIUM
Post-Quantum Secure Feldman's Verifiable Secret Sharing <0.8.0b2 - ...
Mar 14, 2025
EPSS 0.00
CVE-2025-29779 MEDIUM
Post-Quantum Secure Feldman's Verifiable Secret Sharing <0.8.0b2 - ...
Mar 14, 2025
EPSS 0.00
CVE-2025-2000 CRITICAL
Qiskit 0.18.0-1.4.1 - Remote Code Execution via QPY Deserialization
Mar 14, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-24986 MEDIUM
Azure PromptFlow Core < 1.17.2 and PromptFlow Tools < 1.6.0 - Unauthenticated Remote Code Execution
Mar 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-1550 CRITICAL NUCLEI
Keras 3.0.0-3.8.0 and 3.9.0 - Remote Code Execution via Malicious .keras Archive
Mar 11, 2025
CVSS 9.8
EPSS 0.03
CVE-2025-1497 CRITICAL
PlotAI < 0.0.7 - Remote Code Execution via Unvalidated LLM Output
Mar 10, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-2149 LOW
PyTorch 2.6.0+cu124 - Improper Initialization
Mar 10, 2025
CVSS 2.5
EPSS 0.00
CVE-2025-2148 MEDIUM
PyTorch 2.6.0+cu124 - Memory Corruption
Mar 10, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-1945 CRITICAL
picklescan < 0.0.23 - Insufficient Verification of Data Authenticity via ZIP File Header Bit Manipulation
Mar 10, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-1944 MEDIUM
PickleScan <0.0.23 - Code Injection
Mar 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-26699 MEDIUM
Django 4.2-5.1 - Denial of Service via django.utils.text.wrap()
Mar 06, 2025
CVSS 5.0
EPSS 0.01
CVE-2025-1979 MEDIUM
Ray < 2.43.0 - Sensitive Information Disclosure via Redis Password Logging
Mar 06, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-27516 HIGH
Jinja < 3.1.6 - Remote Code Execution via |attr Filter Sandbox Bypass
Mar 05, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-25362 CRITICAL
spacy-llm < 0.7.3 - Server-Side Template Injection via Template Field
Mar 05, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-1889 CRITICAL
picklescan <0.0.22 - Info Disclosure
Mar 03, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-25302 MEDIUM
rembg < 2.0.57 - Origin Validation Error in CORS Middleware
Mar 03, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-25301 HIGH
rembg < 2.0.57 - Server-Side Request Forgery via /api/remove URL Parameter
Mar 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-24023 LOW
Flask-AppBuilder < 4.5.3 - Unauthenticated Username Enumeration via Timing Attack
Mar 03, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-1300 MEDIUM
CodeChecker <= 6.24.5 - Open Redirect via Multiple Slashes Bypass
Feb 28, 2025
CVSS 6.1
EPSS 0.00