Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-xjgw-4wvw-rgm4
  • PyPI/mcp-atlassian
 MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment 2 days ago
  • Fix available
  • Severity - 9.0 (Critical)
GHSA-7r34-79r5-rcc9
  • PyPI/mcp-atlassian
 MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url headers 2 days ago
  • Fix available
  • Severity - 8.2 (High)
MAL-2026-1325
  • PyPI/synapseml-utils
 Malicious code in synapseml-utils (PyPI) 2 days ago
  • No fix available
GHSA-m6hv-x64c-27mm
  • PyPI/copyparty
 copyparty: volflag `nohtml` did not block javascript in svg files 2 days ago
  • Fix available
  • Severity - 4.6 (Medium)
GHSA-v359-jj2v-j536
  • PyPI/vllm
 vLLM has SSRF Protection Bypass 3 days ago
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-x46r-mf5g-xpr6
  • PyPI/glances
 Glances has SQL Injection via Process Names in TimescaleDB Export 3 days ago
  • Fix available
  • Severity - 7.3 (High)
GHSA-gh4x-f7cq-wwx6
  • PyPI/glances
 Glances Exposes Unauthenticated Configuration Secrets 3 days ago
  • Fix available
  • Severity - 8.7 (High)
MAL-2026-1296
  • PyPI/bpsm
 Malicious code in bpsm (PyPI) 3 days ago
  • No fix available
MAL-2026-1294
  • PyPI/causal-canvas
 Malicious code in causal-canvas (PyPI) 3 days ago
  • No fix available
MAL-2026-1295
  • PyPI/tabformerlite
 Malicious code in tabformerlite (PyPI) 3 days ago
  • No fix available
GHSA-9r5j-7r2x-rv4g
  • PyPI/apache-airflow-providers-http
 Apache Airflow Providers Http has Unsafe Pickle Deserializatio leading to RCE via HttpOperator 3 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-rv5f-ccpm-xjj4
  • PyPI/apache-airflow-providers-amazon
 Apache Airflow AWS Auth Manager has Host Header Injection Leading to SAML Authentication Bypass 3 days ago
  • Fix available
  • Severity - 5.4 (Medium)
MAL-2026-1291
  • PyPI/requests-lite
 Malicious code in requests-lite (PyPI) 3 days ago
  • No fix available
MAL-2026-1290
  • PyPI/remjsonparse
 Malicious code in remjsonparse (PyPI) 3 days ago
  • No fix available
MAL-2026-1289
  • PyPI/aioutil3
 Malicious code in aioutil3 (PyPI) 4 days ago
  • No fix available
MAL-2026-1288
  • PyPI/arnavtest123
 Malicious code in arnavtest123 (PyPI) 4 days ago
  • No fix available
Load more...