Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
771665
AlmaLinux
5255
Alpaquita
11478
Alpine
4352
Android
3403
Azure Linux
12016
BellSoft Hardened Containers
572
Bitnami
8321
Chainguard
9230
CleanStart
1780
CRAN
14
crates.io
2561
Debian
59730
Echo
6663
GHC
3
GIT
93402
GitHub Actions
54
Go
8149
Hackage
32
Hex
183
Julia
990
Linux
25415
Mageia
6011
Maven
6694
MinimOS
88548
npm
222421
NuGet
1770
opam
19
openEuler
7186
openSUSE
13477
OSS-Fuzz
3958
Packagist
6669
Pub
11
PyPI
23770
Red Hat
21212
Rocky Linux
3628
Root
17390
RubyGems
4559
SUSE
21334
SwiftURL
58
TuxCare
5651
Ubuntu
57223
VSCode
20
Wolfi
6453
ID
Packages
Summary
Published
arrow_upward
Attributes
PYSEC-2026-2977
PyPI/pydantic-ai
pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)
3 hours ago
Fix available
Severity - 6.8 (Medium)
PYSEC-2026-2981
PyPI/pydantic-ai-slim
pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)
3 hours ago
Fix available
Severity - 6.8 (Medium)
PYSEC-2026-2982
PyPI/pydantic-ai-slim
Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)
3 hours ago
Fix available
Severity - 6.8 (Medium)
PYSEC-2026-2978
PyPI/pydantic-ai
Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)
3 hours ago
Fix available
Severity - 6.8 (Medium)
PYSEC-2026-2983
PyPI/pydantic-ai-slim
Pydantic AI has Stored XSS via Path Traversal in Web UI CDN URL
4 hours ago
Fix available
Severity - 7.1 (High)
PYSEC-2026-2979
PyPI/pydantic-ai
Pydantic AI has Stored XSS via Path Traversal in Web UI CDN URL
4 hours ago
Fix available
Severity - 7.1 (High)
PYSEC-2026-2980
PyPI/pydantic-ai-slim
Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling
4 hours ago
Fix available
Severity - 8.6 (High)
PYSEC-2026-2976
PyPI/pydantic-ai
Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling
4 hours ago
Fix available
Severity - 8.6 (High)
PYSEC-2026-1812
PyPI/pydantic
Pydantic regular expression denial of service
6 days ago
Fix available
Severity - 5.9 (Medium)
GHSA-cg7w-rg45-pc59
PyPI/pydantic-ai
PyPI/pydantic-ai-slim
pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)
26 Jun
Fix available
Severity - 6.8 (Medium)
GHSA-4xgf-cpjx-pc3j
PyPI/pydantic-settings
pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size
19 Jun
Fix available
Severity - 5.3 (Medium)
GHSA-cqp8-fcvh-x7r3
PyPI/pydantic-ai
PyPI/pydantic-ai-slim
Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580)
21 May
Fix available
Severity - 6.8 (Medium)
GHSA-wjp5-868j-wqv7
PyPI/pydantic-ai
PyPI/pydantic-ai-slim
Pydantic AI has Stored XSS via Path Traversal in Web UI CDN URL
06 Feb
Fix available
Severity - 7.1 (High)
GHSA-2jrp-274c-jhv3
PyPI/pydantic-ai
PyPI/pydantic-ai-slim
Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling
06 Feb
Fix available
Severity - 8.6 (High)
MAL-2025-2989
PyPI/pydantic-kit
Malicious code in pydantic-kit (PyPI)
28 Mar 2025
No fix available
GHSA-mr82-8j83-vxmv
PyPI/pydantic
Pydantic regular expression denial of service
15 Apr 2024
Fix available
Severity - 5.9 (Medium)
Load more...
(1 page left)
PyPI - OSV