Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-cx3h-4qpv-8hc9
  • PyPI/tornado
Tornado has out-of-bounds memory access via C extension 21 minutes ago
  • Fix available
  • Severity - 3.7 (Low)
GHSA-248m-82v9-q6g6
  • PyPI/pypdf
pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams 22 minutes ago
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-cj93-chg6-vgv8
  • PyPI/pypdf
pypdf: Possible large memory usage for large offsets for layout mode text 23 minutes ago
  • Fix available
  • Severity - 4.8 (Medium)
MAL-2026-5698
  • PyPI/nagios-xi
Malicious code in nagios-xi (PyPI) 3 hours ago
  • No fix available
MAL-2026-5684
  • PyPI/jec
Malicious code in jec (PyPI) 5 hours ago
  • No fix available
MAL-2026-5683
  • PyPI/trongapy
Malicious code in trongapy (PyPI) 11 hours ago
  • No fix available
MAL-2026-5681
  • PyPI/trongap
Malicious code in trongap (PyPI) 19 hours ago
  • No fix available
MAL-2026-5680
  • PyPI/bittensor-burn-message
Malicious code in bittensor-burn-message (PyPI) 19 hours ago
  • No fix available
MAL-2026-5679
  • PyPI/pylogxo
Malicious code in pylogxo (PyPI) 21 hours ago
  • No fix available
GHSA-wxq4-cc2q-338q
  • PyPI/wsgidav
WsgiDAV encoded dot segments can escape filesystem share roots 22 hours ago
  • Fix available
  • Severity - 7.1 (High)
GHSA-4mj9-pf4r-cqrc
  • PyPI/kolibri
Kolibri has Unauthenticated Server-Side Request Forgery (SSRF) in RemoteFacilityUserViewset yesterday
  • Fix available
  • Severity - 5.8 (Medium)
GHSA-9663-mqmp-p9mm
  • PyPI/zeroconf
python-zeroconf: Unbounded TC-deferred queue allows LAN-local memory exhaustion via spoofed-source flood yesterday
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-9gw6-46qc-99vr
  • PyPI/meta-ads-mcp
Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token yesterday
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-qq6c-99pv-prvf
  • PyPI/pdm
PDM: Project-Controlled `.pdm-plugins` Content Executes Before CLI Parsing yesterday
  • Fix available
  • Severity - 8.4 (High)
MAL-2026-5649
  • PyPI/bibip-bip
Malicious code in bibip-bip (PyPI) yesterday
  • No fix available
MAL-2026-5545
  • PyPI/acme-widget-layout-utils
Malicious code in acme-widget-layout-utils (PyPI) yesterday
  • No fix available