Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-xfhx-r7ww-5995
  • PyPI/keras
Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component 15 hours ago
  • Fix available
  • Severity - 7.1 (High)
MAL-2026-256
  • PyPI/legendevil1
Malicious code in legendevil1 (PyPI) yesterday
  • No fix available
MAL-2026-254
  • PyPI/hairest
Malicious code in hairest (PyPI) yesterday
  • No fix available
GHSA-6pw3-h7xf-x4gp
  • PyPI/blacksheep
BlackSheep's ClientSession is vulnerable to CRLF injection yesterday
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-3g2f-4rjg-9385
  • PyPI/weblate
Weblate leaks information via screenshots yesterday
  • Fix available
  • Severity - 2.3 (Low)
MAL-2026-253
  • PyPI/clipcord
Malicious code in clipcord (PyPI) yesterday
  • No fix available
MAL-2026-252
  • PyPI/solana-program
Malicious code in solana-program (PyPI) yesterday
  • No fix available
MAL-2026-251
  • PyPI/soupclaw
Malicious code in soupclaw (PyPI) yesterday
  • No fix available
MAL-2026-250
  • PyPI/transitive-req
Malicious code in transitive-req (PyPI) yesterday
  • No fix available
GHSA-xg9w-vg3g-6m68
  • PyPI/guarddog
GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE 2 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-jm66-cg57-jjv5
  • PyPI/azure-core
Azure Core is vulnerable to deserialization of untrusted data 2 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-jm5j-jfrm-hm23
  • PyPI/hermes
hermes's raw options logging may disclose secrets passed in via subcommand options argument 2 days ago
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-562r-8445-54r2
  • PyPI/comfy-cli
ComfyUI-Manager is Vulnerable to CRLF Injection in Configuration Handler 2 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-597g-3phw-6986
  • PyPI/virtualenv
virtualenv Has TOCTOU Vulnerabilities in Directory Creation 2 days ago
  • Fix available
  • Severity - 4.5 (Medium)
GHSA-qmgc-5h2g-mvrw
  • PyPI/filelock
filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-grg2-63fw-f2qr
  • PyPI/vllm
vLLM is vulnerable to DoS in Idefics3 vision models via image payload with ambiguous dimensions 2 days ago
  • Fix available
  • Severity - 6.5 (Medium)