
pypi
734,614 packages · pypi.org
High Security Advisories in pypi
High
11 days ago
Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)
pypi
authlib
High
23 days ago
MONAI does not prevent path traversal, potentially leading to arbitrary file writes
pypi
monai
High
23 days ago
OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload
pypi
octoprint
High
24 days ago
Fides Webserver API is Vulnerable to OAuth Client Privilege Escalation
pypi
ethyca-fides
High
27 days ago
pgadmin4 is affected by a Cross-Origin Opener Policy (COOP) vulnerability
pypi
pgadmin4
High
29 days ago
Langchain Community Vulnerable to XML External Entity (XXE) Attacks
pypi
langchain-community
High
about 1 month ago
ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header
pypi
esphome
High
about 1 month ago
LlamaIndex affected by a Denial of Service (DOS) in JSONReader
pypi
llama-index-core
High
about 1 month ago
XGrammar affected by Denial of Service by infinite recursion grammars
pypi
xgrammar
High
about 1 month ago
Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)
pypi
langflow-base, langflow
High
about 1 month ago
Denial-of-Service attack in pyLoad CNL Blueprint using dukpy.evaljs
pypi
pyload-ng
High
about 1 month ago
vLLM has remote code execution vulnerability in the tool call parser for Qwen3-Coder
pypi
vllm
High
about 2 months ago
Copier's safe template has arbitrary filesystem read/write access
pypi
copier
High
about 2 months ago
Python-Future Module Arbitrary Code Execution via Unintended Import of test.py
pypi
future
High
about 2 months ago
Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality
pypi
keras
High
about 2 months ago
Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypass
pypi
picklescan
High
about 2 months ago
PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
pypi
pyload-ng
High
about 2 months ago
copyparty allows Regex Denial of Service (ReDoS) in the upload listing
pypi
copyparty
High
2 months ago
OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size
pypi
OpenEXR
High
2 months ago
Skops has Inconsistent Trusted Type Validation that Enables Hidden `operator` Methods Execution
pypi
skops
High
2 months ago
`pyLoad` has Path Traversal Vulnerability in `json/upload` Endpoint that allows Arbitrary File Write
pypi
pyload-ng
High
3 months ago
pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages
pypi
pyload-ng
High
3 months ago
LlamaIndex vulnerable to Path Traversal attack through its encode_image function
pypi
llama-index-core
High
3 months ago
Lord of Large Language Models vulnerable to Observable Discrepancy attack via authenticate_user function
pypi
lollms
High
3 months ago
LlamaIndex has an XML Entity Expansion vulnerability in its sitemap parser
pypi
llama-index-readers-papers
High
3 months ago
LlamaIndex is vulnerable to Path Traversal attack through its ObsidianReader class
pypi
llama-index-readers-obsidian
High
3 months ago
MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS
pypi
mcp
High
3 months ago
MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service
pypi
mcp
High
3 months ago
MobSF vulnerability allows SSRF due to the allow_redirects=True parameter
pypi
mobsf
High
3 months ago
LLaMA-Factory allows Code Injection through improper vhead_file safeguards
pypi
llamafactory
High
3 months ago
LangChain Community SSRF vulnerability exists in RequestsToolkit component
pypi
langchain-community
High
4 months ago
BackendAI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
pypi
backend.ai
High
4 months ago
Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
pypi
jupyter_core
High
4 months ago
Apache Superset: Improper authorization bypass on row level security via SQL Injection
pypi
apache-superset
High
4 months ago
Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin
pypi
redshift-connector
High
4 months ago
Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking
pypi
django-select2
High
5 months ago
Langroid has a Code Injection vulnerability in LanceDocChatAgent through vector_store
pypi
langroid
High
5 months ago
setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
pypi
setuptools
High
5 months ago
Tornado vulnerable to excessive logging caused by malformed multipart form data
pypi
tornado
High
5 months ago
label-studio vulnerable to Cross-Site Scripting (Reflected) via the label_config parameter.
pypi
label-studio
High
5 months ago
motionEye vulnerable to RCE in add_camera Function Due to unsafe command execution
pypi
motioneye
High
5 months ago
Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
pypi
vllm
High
6 months ago
youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization
pypi
youtube-dl
High
6 months ago
Whoogle allows attackers to execute arbitrary code via supplying a crafted search query
pypi
whoogle-search
High
6 months ago
Picklescan Vulnerable to Exfiltration via DNS via linecache and ssl.get_server_certificate
pypi
picklescan
High
6 months ago
Apache Airflow Common SQL Provider Vulnerable to SQL Injection
pypi
apache-airflow-providers-common-sql
High
6 months ago
jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"
pypi
jupyterlab-git
High
6 months ago
Synapse vulnerable to federation denial of service via malformed events
pypi
matrix-synapse
High
6 months ago
Frappe vulnerable to information disclosure leading to account takeover
pypi
frappe
High
7 months ago
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability
pypi, npm
open-webui
High
7 months ago
Quivr unauthenticated Denial of Service (DoS) via Multipart Boundary
pypi
quivr-core
High
7 months ago
LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request
pypi
litellm
Filter by Package
tensorflow
120
tensorflow-gpu
113
tensorflow-cpu
112
Django
49
Plone
33
mlflow
30
apache-airflow
29
salt
29
ansible
24
opencv-python
23
opencv-contrib-python
22
matrix-synapse
20
Pillow
18
pillow
18
rdiffweb
17
gradio
17
keystone
15
open-webui
15
vyper
14
mindsdb
13
apache-superset
13
django
10
nova
10
neutron
9
h2o
9
cobbler
9
litellm
9
aim
9
lollms
9
mercurial
9
moin
8
pyload-ng
8
cryptography
8
opencv-python-headless
7
ryu
7
ai.h2o:h2o-core
7
vllm
6
sentry
6
kiwitcms
6
opencv-contrib-python-headless
6
label-studio
6
nautobot
6
aubio
6
ethyca-fides
6
trytond
6
mobsf
6
notebook
5
pyftpdlib
5
pyspark
5
waitress
5
pgadmin4
5
paddlepaddle
5
zope
5
nltk
5
plone
5
agentscope
5
glance
5
OctoPrint
5
inventree
4
vantage6
4
urllib3
4
lief
4
keras
4
fschat
4
wagtail
4
Zope
4
calibreweb
4
setuptools
4
pip
4
scrapy
4
numpy
4
oauthenticator
4
python-gnupg
4
tornado
4
transformers
4
esphome
4
RestrictedPython
4
onnx
4
swift
4
skops
4
grpcio
3
aws-iot-device-sdk-v2
3
pretix
3
yt-dlp
3
llama-index
3
keyring
3
indy-node
3
protobuf
3
plone.app.event
3
python-keystoneclient
3
plone.supermodel
3
PaddlePaddle
3
langflow
3
dbgpt
3
open-webui
3
motioneye
3
grpc
3
django-helpdesk
3
langchain-community
3
awsiotsdk
3
Moin
3
Jinja2
3
cinder
3
plone.app.theming
3
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
3
ipython
3
apache-airflow-providers-apache-spark
3
plone.app.dexterity
3
sanic
3
modoboa
3
trac
3
llama-index-core
3
gunicorn
3
langchain
3
paramiko
3
flask
3
monai
3
changedetection.io
3
ydata-profiling
3
OpenEXR
2
feedparser
2
keystonemiddleware
2
werkzeug
2
asyncua
2
starlette
2
homeassistant
2
pysaml2
2
jupyterlab
2
clearml
2
jupyter-server
2
markdown-it-py
2
ebookmeta
2
mailman
2
indico
2
onionshare-cli
2
llamafactory
2
slixmpp
2
kallithea
2
copyparty
2
prefect
2
qutebrowser
2
pyo
2
Flask-AppBuilder
2
admesh
2
openvpn-monitor
2
mesop
2
typed-ast
2
refuel-autolabel
2
org.apache.spark:spark-parent_2.12
2
bentoml
2
tlslite-ng
2
authlib
2
zenml
2
Werkzeug
2
keylime
2
httpie
2
Kallithea
2
ckan
2
webargs
2
twisted
2
pyinstaller
2
sagemaker
2
rsa
2
lmdb
2
bottle
2
asteval
2
pypqc
2
pywasm3
2
reportlab
2
jupyterhub
2
pycryptodome
2
apache-airflow-providers-apache-drill
2
nicegui
2
aiohttp
2
fastecdsa
2
ecdsa
2
torch
2
future
2
rpyc
2
matrix-sydent
2
portage
2
uWSGI
2
langroid
2
mysql-connector-python
2
python-multipart
2
guardrails-ai
2
mistral
2
InvokeAI
2
websockets
2
Pygments
2
uvicorn
2
litestar
2
mcp
2
backend.ai
2
Weblate
2
GeoNode
2
Flask-Cors
2
luigi
2
FreeTAKServer
2
poetry
2
Filter by Repository
https://github.com/tensorflow/tensorflow
122
https://github.com/django/django
51
https://github.com/apache/airflow
39
https://github.com/python-pillow/Pillow
35
https://github.com/opencv/opencv
25
https://github.com/ansible/ansible
19
https://github.com/ikus060/rdiffweb
17
https://github.com/gradio-app/gradio
16
https://github.com/plone/Products.CMFPlone
16
https://github.com/mlflow/mlflow
15
https://github.com/openstack/keystone
14
https://github.com/vyperlang/vyper
14
https://github.com/matrix-org/synapse
13
https://github.com/mindsdb/mindsdb
13
https://github.com/saltstack/salt
13
https://github.com/run-llama/llama_index
10
https://github.com/openstack/nova
9
https://github.com/h2oai/h2o-3
8
https://github.com/pyca/cryptography
8
https://github.com/PaddlePaddle/Paddle
8
https://github.com/pyload/pyload
8
https://github.com/cobbler/cobbler
7
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/parisneo/lollms
7
https://github.com/faucetsdn/ryu
7
https://github.com/nautobot/nautobot
6
https://github.com/ethyca/fides
6
https://github.com/vllm-project/vllm
6
https://github.com/aubio/aubio
6
https://github.com/open-webui/open-webui
6
https://github.com/getsentry/sentry
6
https://github.com/kiwitcms/Kiwi
6
https://github.com/pgadmin-org/pgadmin4
6
https://github.com/HumanSignal/label-studio
5
https://github.com/openstack/neutron
5
https://github.com/zopefoundation/Zope
5
https://github.com/langchain-ai/langchain
5
https://github.com/element-hq/synapse
5
https://github.com/Pylons/waitress
5
https://github.com/vantage6/vantage6
5
https://github.com/numpy/numpy
4
https://github.com/jupyterhub/oauthenticator
4
https://github.com/aimhubio/aim
4
https://github.com/zopefoundation/RestrictedPython
4
https://github.com/OctoPrint/OctoPrint
4
https://github.com/esphome/esphome
4
https://github.com/huggingface/transformers
4
https://github.com/lief-project/LIEF
4
https://github.com/tornadoweb/tornado
4
https://github.com/BerriAI/litellm
4
https://github.com/keras-team/keras
4
https://github.com/apache/superset
4
https://github.com/scrapy/scrapy
4
https://github.com/urllib3/urllib3
4
https://github.com/nltk/nltk
4
https://github.com/berriai/litellm
4
https://github.com/onnx/onnx
4
https://github.com/wagtail/wagtail
4
https://github.com/openstack/glance
3
https://github.com/twisted/twisted
3
https://github.com/pallets/werkzeug
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/tryton/trytond
3
https://github.com/aws/aws-iot-device-sdk-java-v2
3
https://github.com/janeczku/calibre-web
3
https://github.com/Project-MONAI/MONAI
3
https://github.com/GeoNode/geonode
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/pypa/setuptools
3
https://github.com/modelscope/agentscope
3
https://github.com/hyperledger/indy-node
3
https://github.com/jupyter-server/jupyter_server
3
https://github.com/openstack/cinder
3
https://github.com/skops-dev/skops
3
https://github.com/Kludex/python-multipart
3
https://github.com/langflow-ai/langflow
3
https://github.com/pyca/pyopenssl
3
https://github.com/keylime/keylime
3
https://github.com/benoitc/gunicorn
3
https://github.com/openstack/swift
3
https://github.com/giampaolo/pyftpdlib
3
https://github.com/octoprint/octoprint
3
https://github.com/pyinstaller/pyinstaller
3
https://sourceforge.net/projects/sourceforge.net
3
https://github.com/yt-dlp/yt-dlp
3
https://github.com/ipython/ipython
3
https://github.com/python/cpython
3
https://github.com/encode/starlette
3
https://sourceforge.net/projects/roject
3
https://github.com/inventree/InvenTree
3
https://github.com/pypa/pip
3
https://github.com/dlitz/pycrypto
2
https://github.com/pytorch/pytorch
2
https://github.com/sanic-org/sanic
2
https://github.com/pygments/pygments
2
https://github.com/modoboa/modoboa
2
https://github.com/lmfit/asteval
2
https://gitlab.com/daniele_m/cve-list
2
https://github.com/refuel-ai/autolabel
2
https://github.com/furlongm/openvpn-monitor
2
https://github.com/Netflix/lemur
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/aaugustin/websockets
2
https://github.com/pypa/advisory-db
2
https://github.com/indico/indico
2
https://github.com/wasm3/wasm3
2
https://github.com/corydolphin/flask-cors
2
https://github.com/litestar-org/litestar
2
https://github.com/snowflakedb/snowflake-connector-python
2
https://github.com/jupyter/notebook
2
https://github.com/aws/sagemaker-python-sdk
2
https://github.com/aws/amazon-redshift-python-driver
2
https://github.com/man-group/dtale
2
https://github.com/jupyterlab/jupyterlab
2
https://github.com/zenml-io/zenml
2
https://github.com/jupyterhub/jupyterhub
2
https://github.com/jpadilla/pyjwt
2
https://github.com/stchris/untangle
2
https://github.com/jhpyle/docassemble
2
https://github.com/dnkorpushov/ebookmeta
2
https://github.com/aio-libs/aiohttp
2
https://github.com/jaraco/keyring
2
https://github.com/admesh/admesh
2
https://github.com/openstack/mistral
2
https://github.com/poezio/slixmpp
2
https://github.com/hiyouga/LLaMA-Factory
2
https://github.com/marshmallow-code/webargs
2
https://github.com/guardrails-ai/guardrails
2
https://github.com/jupyter/jupyter_core
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/Kozea/CairoSVG
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/onionshare/onionshare
2
https://github.com/python-poetry/poetry
2
https://github.com/tomerfiliba-org/rpyc
2
https://github.com/andialbrecht/sqlparse
2
https://github.com/langroid/langroid
2
https://github.com/geopython/OWSLib
2
https://github.com/home-assistant/core
2
https://github.com/modelcontextprotocol/python-sdk
2
https://github.com/mmaitre314/picklescan
2
https://github.com/invoke-ai/InvokeAI
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/WeblateOrg/weblate
2
https://github.com/belangeo/pyo
2
https://github.com/pretix/pretix
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/9001/copyparty
2
https://github.com/heartexlabs/label-studio
2
https://github.com/paramiko/paramiko
2
https://github.com/ietf-tools/xml2rfc
2
https://github.com/zauberzeug/nicegui
2
https://github.com/aio-libs/aiohttp-session
2
https://github.com/TeamSeri0us/pocs
2
https://github.com/bottlepy/bottle
2
https://github.com/qutebrowser/qutebrowser
2
https://github.com/sybrenstuvel/python-rsa
2
https://github.com/gitpython-developers/GitPython
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/spotify/luigi
2
https://github.com/grpc/grpc
2
https://github.com/AntonKueltz/fastecdsa
2
https://github.com/pallets/flask
2
https://github.com/JamesTheAwesomeDude/pypqc
2
https://github.com/trentm/python-markdown2
1
https://github.com/giampaolo/psutil
1
https://github.com/Tanganelli/CoAPthon
1
https://github.com/PyconUK/ConferenceScheduler-cli
1
https://github.com/ome/omero-web
1
https://github.com/piskvorky/sqlitedict
1
https://github.com/openstack/manila
1
https://github.com/mithril-security/sgx-dcap-quote-verify-python
1
https://github.com/ubertidavide/fastbots
1
https://github.com/Supervisor/supervisor
1
https://github.com/PrefectHQ/prefect
1
https://github.com/warner/python-ecdsa
1
https://github.com/latchset/kdcproxy
1
https://github.com/openstack/ironic-inspector
1
https://github.com/apache/pulsar
1
https://github.com/celery/django-celery-results
1
https://github.com/pulp/pulpcore
1
https://github.com/ansibleguy/webui
1
https://github.com/pyupio/dparse
1
https://github.com/nanopb/nanopb
1
https://github.com/voila-dashboards/voila
1
https://github.com/anibali/pywebp
1
https://github.com/jakubroztocil/httpie
1
https://github.com/jupyter/nbgrader
1
https://github.com/python-mechanize/mechanize
1
https://github.com/Kozea/Radicale
1
https://github.com/apache/httpd
1
https://github.com/apache/mxnet
1
https://github.com/DIRACGrid/DIRAC
1
https://github.com/irmen/Pyro3
1
https://github.com/clinical-genomics/scout
1
https://github.com/Pycord-Development/pycord
1
https://github.com/matthiask/html-sanitizer
1
https://github.com/DDMAL/MEI2Volpiano
1
https://github.com/coleifer/sqlite-web
1