OSV - Open Source Vulnerabilities

PYSEC-2025-39

PyPI/motioneye

See record for full details

7 hours ago

Fix available

GHSA-4grg-w6v8-c28g

PyPI/flask

Flask uses fallback key instead of current signing key

yesterday

Fix available
Severity - 1.8 (Low)

GHSA-w6c7-j32f-rq8j

PyPI/apache-superset

Apache Superset Allows Ownership Takeover

yesterday

Fix available
Severity - 5.3 (Medium)

GHSA-7c85-87cp-mr6g

PyPI/llama-index

LlamaIndex Vulnerable to Denial of Service (DoS)

4 days ago

Fix available
Severity - 7.5 (High)

MAL-2025-3740

PyPI/badgerdoc-storage

Malicious code in badgerdoc-storage (PyPI)

4 days ago

No fix available

MAL-2025-3741

PyPI/dial-xl

Malicious code in dial-xl (PyPI)

4 days ago

No fix available

MAL-2025-3744

PyPI/program-admin

Malicious code in program-admin (PyPI)

4 days ago

No fix available

MAL-2025-3743

PyPI/iconnect

Malicious code in iconnect (PyPI)

4 days ago

No fix available

MAL-2025-3742

PyPI/document-inference

Malicious code in document-inference (PyPI)

4 days ago

No fix available

GHSA-q3m2-crgq-5p3q

PyPI/ironic

OpenStack Ironic fails to restrict paths used for file:// image URLs

6 days ago

Fix available
Severity - 2.8 (Low)

PYSEC-2025-38

PyPI/ironic

See record for full details

6 days ago

Fix available

GHSA-8j24-cjrq-gr2m

PyPI/django

Django has a denial-of-service possibility in strip_tags()

6 days ago

Fix available
Severity - 5.3 (Medium)

PYSEC-2025-37

PyPI/django

See record for full details

6 days ago

Fix available

GHSA-9pcc-gvx5-r5wm

PyPI/vllm

Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration

06 May

No fix available
Severity - 8.0 (High)

MAL-2025-3603

PyPI/testveriftest1asdlaaaaa

Malicious code in testveriftest1asdlaaaaa (PyPI)

06 May

No fix available

MAL-2025-3602

PyPI/testveriftest1asdlaaaa

Malicious code in testveriftest1asdlaaaa (PyPI)

06 May

No fix available