Vulnerabilities

ID
Packages
Summary
Published
Attributes
MAL-2026-191
  • PyPI/libc-dev
Malicious code in libc-dev (PyPI) 17 hours ago
  • No fix available
MAL-2026-189
  • PyPI/oncecall
Malicious code in oncecall (PyPI) yesterday
  • No fix available
GHSA-h4rm-mm56-xf63
  • PyPI/fickling
Fickling vulnerable to detection bypass due to "builtins" blindness 2 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-q5qq-mvfm-j35x
  • PyPI/fickling
Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist 2 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-5hvc-6wx8-mvv4
  • PyPI/fickling
Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection 2 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-p523-jq9w-64x9
  • PyPI/fickling
Fickling Blocklist Bypass: cProfile.run() 2 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-wfq2-52f7-7qvj
  • PyPI/fickling
Fickling has a bypass via runpy.run_path() and runpy.run_module() 2 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-4f6g-68pf-7vhv
  • PyPI/pypdf
pypdf has possible long runtimes for malformed startxref 2 days ago
  • Fix available
  • Severity - 2.7 (Low)
GHSA-4xc4-762w-m6cg
  • PyPI/pypdf
pypdf has possible long runtimes for missing /Root object with large /Size values 2 days ago
  • Fix available
  • Severity - 2.7 (Low)
GHSA-fg6f-75jq-6523
  • PyPI/authlib
Authlib has 1-click Account Takeover vulnerability 3 days ago
  • Fix available
  • Severity - 5.7 (Medium)
GHSA-mcmc-2m55-j8jj
  • PyPI/vllm
vLLM introduced enhanced protection for CVE-2025-62164 3 days ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-mp55-g7pj-rvm2
  • PyPI/nicegui
NiceGUI has Redis connection leak via tab storage causes service degradation 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-mhpg-c27v-6mxr
  • PyPI/nicegui
NiceGUI apps which use `ui.sub_pages` vulnerable to zero-click XSS 3 days ago
  • Fix available
  • Severity - 7.2 (High)
GHSA-m7j5-rq9j-6jj9
  • PyPI/nicegui
NiceGUI apps are vulnerable to XSS which uses `ui.sub_pages` and render arbitrary user-provided links 3 days ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-7grm-h62g-5m97
  • PyPI/nicegui
NiceGUI is vulnerable to XSS via Unescaped URL in ui.navigate.history.push() / replace() 3 days ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-87hc-h4r5-73f7
  • PyPI/werkzeug
Werkzeug safe_join() allows Windows special device names with compound extensions 3 days ago
  • Fix available
  • Severity - 6.3 (Medium)