Vulnerabilities
| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-8w3f-4r8f-pf53 | PyPI/pyload-ng | pyLoad vulnerable to XSS through insecure CAPTCHA | 15 hours ago | Fix available; Severity - 9.8 (Critical) |
| MAL-2025-5847 | PyPI/vtk-osmesa | Malicious code in vtk-osmesa (PyPI) | yesterday | No fix available |
| GHSA-9548-qrrj-x5pj | PyPI/aiohttp | AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections | yesterday | Fix available; Severity - 1.7 (Low) |
| GHSA-q28v-664f-q6wj | PyPI/indico | Indico vulnerability allows attackers to bulk dump user details | yesterday | Fix available; Severity - 5.3 (Medium) |
| GHSA-x8c6-gj59-6rx8 | PyPI/libp2p | py-libp2p is vulnerable to DoS attacks through use of large RSA keys | 2 days ago | Fix available; Severity - 4.3 (Medium) |
| GHSA-qxh9-qmf2-rhwc | PyPI/roundup | Roundup is vulnerable to XSS through interactions between URLs and issue tracker templates | 2 days ago | Fix available; Severity - 6.4 (Medium) |
| PYSEC-2025-69 | PyPI/roundup | See record for full details | 2 days ago | Fix available |
| MAL-2025-5837 | PyPI/test-package-avinav | Malicious code in test-package-avinav (PyPI) | 3 days ago | No fix available |
| GHSA-h952-963h-rv99 | PyPI/executorch | ExecuTorch vulnerable to Heap-based Buffer Overflow attack | 4 days ago | No fix available; Severity - 8.1 (High) |
| GHSA-37mw-44qp-f5jm | PyPI/transformers | Transformers is vulnerable to ReDoS attack through its DonutProcessor class | 4 days ago | Fix available; Severity - 5.3 (Medium) |
| GHSA-5hq9-5r78-2gjh | PyPI/llama-index, PyPI/llama-index-readers-docugami | LlamaIndex vulnerable to data loss through hash collisions in its DocugamiReader class | 5 days ago | Fix available; Severity - 6.5 (Medium) |
| GHSA-x698-5hjm-w2m5 | PyPI/pyload-ng | pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages | 08 Jul | No fix available; Severity - 7.5 (High) |
| GHSA-j47q-rc62-w448 | PyPI/fastapi-guard | fastapi-guard is vulnerable to ReDoS through inefficient regex | 07 Jul | Fix available; Severity - 6.9 (Medium) |
| GHSA-q93c-p2mw-p23f | PyPI/dagster | Dagster vulnerable to Path Traversal attack through its /logs endpoint | 07 Jul | Fix available; Severity - 4.4 (Medium) |
| GHSA-2rhq-96q8-4vjq | PyPI/llama-index-core | LlamaIndex vulnerable to Path Traversal attack through its encode_image function | 07 Jul | Fix available; Severity - 7.5 (High) |
| PYSEC-2025-65 | PyPI/llama-index, github.com/run-llama/llama_index | See record for full details | 07 Jul | Fix available |
PyPI - OSV