OSV - Open Source Vulnerabilities

PYSEC-2026-2

PyPI/litellm

Two litellm versions published containing credential harvesting malware

24 Mar

No fix available

MAL-2026-2144

PyPI/litellm

Malicious code in litellm (PyPI)

24 Mar

No fix available

MAL-2026-503

PyPI/test-poc-package-for-session-2

Malicious code in test-poc-package-for-session-2 (PyPI)

25 Jan

No fix available

MAL-2025-41778

PyPI/tf-nightly-2-0-preview

Malicious code in tf-nightly-2-0-preview (PyPI)

28 Aug 2025

No fix available

MAL-2025-191864

PyPI/seclab-research-depconf-test-2

Malicious code in seclab-research-depconf-test-2 (PyPI)

22 Aug 2025

No fix available

PYSEC-2025-2

PyPI/uniapi

uniapi version 1.0.7 contained an information harvesting script.

24 Jan 2025

No fix available

MAL-2024-11689

PyPI/requests-2-32-3

Malicious code in requests-2-32-3 (PyPI)

09 Dec 2024

No fix available

MAL-2024-10154

PyPI/reqests-2

Malicious code in reqests-2 (PyPI)

05 Aug 2024

No fix available

MAL-2025-954

PyPI/private-test-2

Malicious code in private-test-2 (PyPI)

26 Jul 2024

No fix available

MAL-2024-5901

PyPI/requests-toolbelt-2

Malicious code in requests-toolbelt-2 (PyPI)

25 Jun 2024

No fix available

GHSA-g777-crp9-m27g

PyPI/appwrite
npm/appwrite-cli

Apprite CLI makes Use of Hard-coded Credentials

09 Jan 2024

Fix available
Severity - 6.8 (Medium)

PYSEC-2024-2

PyPI/appwrite

See record for full details

09 Jan 2024

Fix available
Severity - 5.5 (Medium)

GHSA-h6g5-wqqr-3mw3

PyPI/apache-airflow

Sensitive Information in Error Messages in Apache Airflow

15 Mar 2023

Fix available
Severity - 6.9 (Medium)

PYSEC-2023-2

PyPI/apache-airflow

See record for full details

15 Mar 2023

Fix available

GHSA-738x-v49g-p6hx

PyPI/scalyr-agent-2

Scalyr Agent 2 Missing SSL Certificate Validation

24 May 2022

Fix available
Severity - 9.8 (Critical)

GHSA-w6xv-mf6f-r5f6

PyPI/scalyr-agent-2

Scalyr Agent Missing SSL Certificate Validation

24 May 2022

Fix available
Severity - 9.8 (Critical)

Load more...(3 pages left)