pypi
4,998 tracked vulnerabilities.
CVE-2025-23205
MEDIUM
nbgrader 0.9.4 - Exposure of Sensitive Data via Frame Ancestors Misconfiguration
Jan 17, 2025
EPSS 0.00
CVE-2025-22146
CRITICAL
Sentry 21.12.0-25.1.0 - Account Takeover via Malicious SAML Identity Provider
Jan 15, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-23042
HIGH
Gradio < 5.6.0 - Improper Authorization via Case Bypass in ACL File Path Validation
Jan 14, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-21607
HIGH
vyperlang/vyper < 0.4.1 - Always-Incorrect Control Flow Implementation in EcRecover and Identity Precompiles
Jan 14, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-22151
LOW
Strawberry GraphQL <0.257.0 - Type Confusion
Jan 09, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-21618
HIGH
NiceGUI < 2.9.1 - Improper Authentication
Jan 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-56373
HIGH
Airflow 2 - Privilege Escalation to RCE
Feb 24, 2026
CVSS 8.4
EPSS 0.01
CVE-2024-5986
CRITICAL
Ai.h2o H2o-core - Remote Code Execution
Feb 02, 2026
CVSS 9.1
EPSS 0.01
CVE-2024-38824
CRITICAL
SaltStack Salt 3006.0-3006.11 and 3007.0rc1-3007.3 - Path Traversal and Arbitrary File Write via recv_file Method
Jun 13, 2025
CVSS 9.6
EPSS 0.01
CVE-2024-38825
MEDIUM
Salt 3006.0rc1-3006.11 and 3007.0-3007.3 - Improper Authentication in PKI Module
Jun 13, 2025
CVSS 6.4
EPSS 0.00
CVE-2024-47081
MEDIUM
Requests < 2.32.4 - Credential Leak via Malicious URL Parsing
Jun 09, 2025
CVSS 5.3
EPSS 0.01
CVE-2024-24780
CRITICAL
Apache IoTDB 1.0.0-1.3.3 - Authenticated Remote Code Execution via UDF URI
May 14, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-53924
CRITICAL
Pycel through 1.0b30 - Remote Code Execution via Crafted Spreadsheet Formula
Apr 17, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-53305
HIGH
benbusby/whoogle_search < 0.9.1 - Remote Code Execution via Crafted Search Query
Apr 16, 2025
CVSS 7.3
EPSS 0.01
CVE-2024-9701
CRITICAL
Kedro < 0.19.9 - Remote Code Execution via ShelveStore Deserialization
Mar 20, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-9606
HIGH
berriai/litellm <1.44.12 - Info Disclosure
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-9340
HIGH
zenml < 0.68.0 - Unauthenticated Denial of Service via Malformed Multipart Request Boundary
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-9229
HIGH
quivr-core - Unauthenticated Denial of Service via Multipart Boundary Manipulation
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-9070
CRITICAL
BentoML <= 1.3.4.post1 - Remote Code Execution via Runner Server Deserialization
Mar 20, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-9056
HIGH
BentoML v1.3.4post1 - Unauthenticated Denial of Service via Multipart Boundary Processing
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-9053
CRITICAL
vllm 0.6.0 - Remote Code Execution via Unsafe Cloudpickle Deserialization
Mar 20, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-8984
HIGH
litellm < 1.65.4 - Unauthenticated Denial of Service via Multipart Boundary Processing
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-8966
HIGH
gradio/video 0.10.2 - Denial of Service via Multipart Boundary Processing
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-8955
HIGH
Composio 0.4.4 BrowserTool Actions - Server-Side Request Forgery File Read
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-8953
CRITICAL
composio < 0.5.43 - Remote Code Execution via Mathematical Calculator Endpoint
Mar 20, 2025
CVSS 9.8
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 92
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters