binux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints.
"https://github.com/pypa/advisory-database/blob/main/vulns/pyspider/PYSEC-2026-1842.yaml"