OSV - Open Source Vulnerabilities

MAL-2026-3702

PyPI/async-http-tools

Malicious code in async-http-tools (PyPI)

5 hours ago

No fix available

MAL-2026-3706

PyPI/web3-helpers

Malicious code in web3-helpers (PyPI)

5 hours ago

No fix available

MAL-2026-3705

PyPI/math-array-tools

Malicious code in math-array-tools (PyPI)

5 hours ago

No fix available

MAL-2026-3704

PyPI/graddio

Malicious code in graddio (PyPI)

5 hours ago

No fix available

MAL-2026-3703

PyPI/crypto-hash-utils

Malicious code in crypto-hash-utils (PyPI)

5 hours ago

No fix available

MAL-2026-3699

PyPI/aiohttp-util

Malicious code in aiohttp-util (PyPI)

5 hours ago

No fix available

MAL-2026-3701

PyPI/api-request-helpers

Malicious code in api-request-helpers (PyPI)

5 hours ago

No fix available

MAL-2026-3700

PyPI/alembic-util

Malicious code in alembic-util (PyPI)

5 hours ago

No fix available

MAL-2026-3697

PyPI/syntaxlogger

Malicious code in syntaxlogger (PyPI)

5 hours ago

No fix available

MAL-2026-3698

PyPI/trickery

Malicious code in trickery (PyPI)

6 hours ago

No fix available

MAL-2026-3665

PyPI/hackling

Malicious code in hackling (PyPI)

7 hours ago

No fix available

MAL-2026-3664

PyPI/workingitmehelpit

Malicious code in workingitmehelpit (PyPI)

8 hours ago

No fix available

GHSA-v25j-wqcw-fvhj

PyPI/wger

wger has an Uncontrolled Resource Consumption issue

9 hours ago

No fix available
Severity - 6.5 (Medium)

GHSA-p3hx-pwf3-j8wr

PyPI/nautobot

Nautobot: GitRepository.current_head field should not be writable through REST API

9 hours ago

Fix available
Severity - 7.1 (High)

GHSA-c35q-vxrp-ph26

PyPI/nautobot

Nautobot: Webhook definitions could be used for server-side request forgery (SSRF)

9 hours ago

Fix available
Severity - 8.5 (High)

GHSA-qrpw-gjvh-x5gm

PyPI/nautobot

Nautobot: Object bulk rename UI actions vulnerable to denial of service by crafted regular expression (REDoS)

9 hours ago

Fix available
Severity - 6.5 (Medium)