Skip to main content

Python

2165 CVEs product

Monthly

CVE-2026-23946 PyPI MEDIUM POC PATCH This Month

Remote code execution in Tendenci CMS versions 15.3.11 and below allows authenticated staff users to execute arbitrary code through unsafe pickle deserialization in the Helpdesk module's reporting function. The vulnerability stems from incomplete patching of CVE-2020-14942, where the run_report() function continues to use unsafe pickle.loads() despite the ticket_list() function being corrected. Public exploit code exists for this issue, though impact is limited to the privileges of the application's runtime user.

Python RCE Deserialization Tendenci
NVD GitHub
CVSS 3.1
6.8
EPSS
0.4%
CVE-2026-22807 PyPI CRITICAL PATCH Act Now

Remote code execution in vLLM 0.10.1 through 0.13.x lets an attacker who controls the model repository or path run arbitrary Python on the inference host: vLLM auto-loads Hugging Face `auto_map` dynamic modules during model resolution without honoring the `trust_remote_code` safety gate, so attacker-supplied code executes at server startup before any request is processed and without API access. The flaw carries a CVSS 9.8 and is fixed in 0.14.0, with Red Hat shipping multiple RHSA errata; however EPSS is only 0.06% (17th percentile) and there is no public exploit identified at time of analysis, so exploitation hinges on an attacker first influencing which model is loaded. This is a code-injection (CWE-94) trust-boundary bypass rather than a remotely reachable network service bug despite the AV:N rating.

Python Vllm Code Injection RCE
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-12781 MEDIUM POC PATCH This Month

When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. [CVSS 5.3 MEDIUM]

Python Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-56005 CRITICAL POC PATCH Act Now

PLY (Python Lex-Yacc) library 3.11 has an unsafe feature enabling remote code execution through pickle deserialization of cached parser tables, with EPSS 0.91%.

Python RCE Deserialization Ply
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2026-0863 HIGH POC PATCH This Week

Authenticated users can exploit string formatting and exception handling in n8n's Python task executor to escape sandbox restrictions and execute arbitrary code on the underlying operating system, with full instance takeover possible in Internal execution mode. Public exploit code exists for this vulnerability, which affects n8n deployments running under Internal execution mode where the Python executor has direct OS access. External execution mode deployments using Docker sidecars have reduced impact as code execution is confined to the container rather than the main node.

Python Docker AI / ML N8n
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-23490 PyPI HIGH PATCH This Week

pyasn1 is a generic ASN.1 library for Python. versions up to 0.6.2 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Python Denial Of Service Debian Linux Pyasn1
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23528 PyPI MEDIUM PATCH This Month

Dask distributed is a distributed task scheduler for Dask. [CVSS 6.1 MEDIUM]

Linux Python AI / ML Dask
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-0897 PyPI HIGH PATCH GHSA This Week

Memory-exhaustion denial of service in Google Keras 3.0.0 through 3.13.0 lets a remote attacker crash the Python interpreter by getting a victim to load a malicious .keras model archive. The crafted archive embeds a valid model.weights.h5 HDF5 file whose dataset declares an enormously large shape, so the weight loader attempts to allocate unbounded memory during deserialization. There is no public exploit identified at time of analysis, EPSS risk is low (0.03%), and a vendor fix is available.

Google Python Denial Of Service Keras
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-22779 PyPI MEDIUM PATCH This Month

BlackSheep's HTTP client prior to version 2.4.6 is vulnerable to CRLF injection due to insufficient header validation, allowing attackers to inject malicious headers or forge HTTP requests when developers pass unsanitized user input into header fields. Only applications using BlackSheep as an HTTP client are affected; the server component is not impacted. A patch is available in version 2.4.6 and later.

Python Blacksheep
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2022-50919 CRITICAL POC Act Now

Tdarr 2.00.15 media transcoding server has unauthenticated RCE through command injection in the Help terminal. Commands can be chained without any input filtering. PoC available.

Python RCE Tdarr
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2026-21226 PyPI HIGH PATCH This Week

Remote code execution in Azure Core Shared Client Library for Python results from insecure deserialization of untrusted data, allowing authenticated network-based attackers to achieve arbitrary code execution. The vulnerability affects Python applications utilizing the vulnerable library versions, with no patch currently available. This represents a high-severity risk for Azure SDK consumers handling external or user-supplied serialized data.

Python Azure Deserialization Azure Core Shared Client Library Suse
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2026-22702 PyPI MEDIUM PATCH This Month

Virtualenv versions up to 20.36.1 is affected by improper link resolution before file access (CVSS 4.5).

Python Race Condition Virtualenv Red Hat Suse
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-22701 PyPI MEDIUM PATCH This Month

Python's filelock SoftFileLock implementation prior to version 3.20.3 contains a TOCTOU race condition that allows local attackers with symlink creation privileges to interfere with lock file operations between permission validation and file creation. An attacker can exploit this window to create a symlink at the target lock path, causing lock operations to fail or redirect to unintended files, resulting in denial of service or unexpected behavior. Upgrade to filelock version 3.20.3 or later to remediate this vulnerability.

Python Denial Of Service Race Condition Filelock Red Hat +1
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22691 PyPI MEDIUM PATCH This Month

pypdf versions prior to 6.6.0 are vulnerable to denial of service through CPU exhaustion when processing malformed PDF files with crafted startxref entries in non-strict reading mode. An attacker can create a specially crafted PDF containing excessive whitespace that causes the library to consume significant processing resources during cross-reference table reconstruction. A patch is available in version 6.6.0 and later.

Python Pypdf Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22690 PyPI MEDIUM PATCH This Month

Denial of service via resource exhaustion in pypdf prior to version 6.6.0 allows remote attackers to trigger excessive processing times by submitting specially crafted PDF files with missing /Root objects and inflated /Size values. The vulnerability only affects non-strict parsing mode and causes the library to consume significant CPU resources when processing otherwise invalid documents. A patch is available in version 6.6.0 and later.

Python Pypdf Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22612 PyPI HIGH PATCH This Week

Fickling versions prior to 0.1.7 fail to properly detect malicious pickle payloads due to inadequate handling of the "builtins" module, allowing attackers to bypass security analysis and potentially execute arbitrary code. This vulnerability affects Python environments using vulnerable versions of Fickling for pickle inspection and static analysis. An attacker can craft specially designed pickle files that evade detection mechanisms, compromising the integrity of pickle validation workflows.

Python AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-22609 PyPI HIGH POC PATCH This Week

Fickling's static analyzer before version 0.1.7 fails to detect several dangerous Python modules in pickled objects, enabling attackers to craft malicious pickles that bypass safety checks and achieve arbitrary code execution. This vulnerability affects users relying on Fickling to validate untrusted serialized Python objects for safety. Public exploit code exists for this HIGH severity vulnerability, though a patch is available in version 0.1.7 and later.

Python Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22608 PyPI HIGH PATCH This Week

Fickling before version 0.1.7 allows local attackers to achieve arbitrary code execution through Python pickle deserialization by chaining unblocked ctypes and pydoc modules, bypassing the tool's safety scanner which incorrectly reports malicious files as LIKELY_SAFE. An attacker with user interaction can exploit this vulnerability to execute code with the privileges of the Python process. A patch is available in version 0.1.7 and later.

Python RCE Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22607 PyPI HIGH POC PATCH This Week

Fickling's static analyzer through version 0.1.6 fails to properly classify the cProfile module as unsafe during pickle analysis, causing malicious pickles leveraging cProfile.run() to be marked as SUSPICIOUS rather than OVERTLY_MALICIOUS. Organizations using Fickling as a security gate for deserialization decisions may be deceived into executing attacker-controlled code. Public exploit code exists for this vulnerability, and patches are available in version 0.1.7 and later.

Python Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-22606 PyPI HIGH POC PATCH This Week

Fickling's incomplete pickle analysis allows attackers to bypass security checks by using Python's runpy module to execute arbitrary code. Versions through 0.1.6 misclassify dangerous runpy-based payloads as merely suspicious rather than malicious, enabling code execution on systems that rely on Fickling to validate pickle safety. Public exploit code exists for this vulnerability, though a patch is available in version 0.1.7.

Python Deserialization AI / ML Fickling
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-68158 PyPI MEDIUM POC PATCH This Month

Authlib is a Python library which builds OAuth and OpenID Connect servers. [CVSS 5.7 MEDIUM]

Python CSRF Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-22041 PyPI MEDIUM POC PATCH This Month

Logging Redactor prior to version 0.0.6 fails to properly handle non-string data types during redaction operations, causing type conversion errors that can disrupt log formatting and integrity checks. Public exploit code exists for this vulnerability, allowing attackers to craft inputs that bypass the redaction mechanism or cause denial of service through malformed log output. Users of Logging Redactor should upgrade to version 0.0.6 or later, as no patch is currently available for affected earlier versions.

Python Logging Redactor
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-21892 PyPI MEDIUM POC PATCH This Month

SQL injection in Parsl's visualization dashboard allows unauthenticated attackers to execute arbitrary database queries through unsafe string formatting of the workflow_id parameter. Public exploit code exists for this vulnerability, enabling potential data theft or database denial of service attacks against the monitoring infrastructure. The issue affects Parsl versions prior to 2026.01.05, which includes the fix.

Python SQLi Denial Of Service Parsl
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-21874 PyPI MEDIUM POC PATCH This Month

NiceGUI versions 2.10.0 through 3.4.1 fail to properly release Redis connections when users open and close browser tabs, allowing unauthenticated attackers to exhaust the Redis connection pool and degrade service functionality. An attacker can repeatedly trigger connection leaks without authentication, causing storage errors and degraded performance once connection limits are reached. Public exploit code exists for this vulnerability, which is patched in version 3.5.0.

Python Redis Nicegui
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-21873 PyPI HIGH POC PATCH This Week

NiceGUI versions 2.22.0 through 3.4.1 contain a cross-site DOM-based XSS vulnerability in the pushstate event listener for ui.sub_pages that allows attackers to manipulate URL fragment identifiers via iframe injection. Public exploit code exists for this vulnerability, and affected users should upgrade to version 3.5.0 or later as no patch is currently available for vulnerable versions.

Python Nicegui
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-21872 PyPI MEDIUM POC PATCH This Month

NiceGUI versions 2.22.0 through 3.4.1 contain a stored cross-site scripting vulnerability in the click event listener of ui.sub_pages that executes attacker-controlled JavaScript when users click malicious links on the page. Public exploit code exists for this vulnerability, and affected users should upgrade to version 3.5.0 or later immediately. The vulnerability requires user interaction but can impact confidentiality and integrity with network-accessible exploitation.

Python XSS Nicegui
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-21871 PyPI MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in NiceGUI versions 2.13.0 through 3.4.1 allows attackers to execute arbitrary JavaScript in users' browsers when applications pass untrusted input to the ui.navigate.history.push() or ui.navigate.history.replace() functions due to improper string escaping in generated JavaScript. Public exploit code exists for this vulnerability, and developers using affected versions should upgrade to 3.5.0 or later, or avoid passing user-controlled data to these navigation helpers. Applications that only use these functions with trusted, hardcoded URLs are unaffected.

Python XSS Nicegui
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-21883 PyPI MEDIUM POC PATCH This Month

Bokeh versions 3.8.1 and below allow attackers to bypass Origin validation in WebSocket connections by registering domains that suffix-match allowlisted domains (e.g., dashboard.corp.attacker.com for allowlist entry dashboard.corp), enabling unauthorized server interaction. Public exploit code exists for this vulnerability, which could allow attackers to access sensitive data or modify visualizations on behalf of victims. The issue is resolved in Bokeh 3.8.2.

Python Bokeh Red Hat Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-15346 PyPI PATCH This Week

A vulnerability in the handling of verify_mode = CERT_REQUIRED in the wolfssl Python package (wolfssl-py) causes client certificate requirements to not be fully enforced.

Python TLS
NVD GitHub
EPSS
0.1%
CVE-2026-21441 PyPI HIGH PATCH This Week

Uncontrolled resource consumption in the Python urllib3 HTTP client library (versions 1.22 through 2.6.2) lets a malicious or compromised server crash or exhaust memory on the client by serving a compressed redirect response. When an application streams from an untrusted source with preload_content=False and has not disabled redirects, urllib3 eagerly drains and decompresses the entire redirect body before any read call, ignoring configured read limits, leaving no defense against decompression bombs. EPSS is low (0.03%), there is no public exploit identified at time of analysis, and it is not in CISA KEV, but the bug is broadly reachable given urllib3's ubiquity.

Python Urllib3 Information Disclosure
NVD GitHub VulDB
CVSS 4.0
8.9
EPSS
0.0%
CVE-2026-22188 MEDIUM POC This Month

Panda3D's deploy-stub executable up to version 1.10.16 is vulnerable to denial of service through unvalidated stack allocation based on command-line argument counts, allowing local attackers to crash the application by supplying excessive arguments. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw can trigger reliable crashes and undefined behavior during Python interpreter initialization.

Python Denial Of Service Panda3d
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-14026 HIGH This Week

Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. [CVSS 7.8 HIGH]

Python One Data Loss Prevention
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-69230 PyPI MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. [CVSS 5.3 MEDIUM]

Python Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-69229 PyPI MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. [CVSS 5.3 MEDIUM]

Python Denial Of Service Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-69228 PyPI HIGH PATCH This Week

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. [CVSS 7.5 HIGH]

Python Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69227 PyPI HIGH PATCH This Week

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. [CVSS 7.5 HIGH]

Python Denial Of Service Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69225 PyPI MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. [CVSS 5.3 MEDIUM]

Python Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-69226 PyPI MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. [CVSS 5.3 MEDIUM]

Python Path Traversal Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-69224 PyPI MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. [CVSS 6.5 MEDIUM]

Python Aiohttp Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-69223 PyPI HIGH PATCH This Week

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. [CVSS 7.5 HIGH]

Python Aiohttp Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21437 MEDIUM PATCH This Month

Eopkg package manager versions before 4.4.0 fail to track files included in malicious packages, allowing undetected file installation when users install from compromised sources. An attacker can distribute packages containing hidden files that evade detection by package management tools like lseopkg. Users installing exclusively from official Solus repositories are unaffected.

Python Eopkg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21436 MEDIUM PATCH This Month

Eopkg package manager versions before 4.4.0 fail to enforce the --destdir installation path, allowing malicious packages to write files to arbitrary locations on the host filesystem. An attacker can exploit this by distributing a compromised package that bypasses the intended installation directory, potentially overwriting system files or placing malicious content outside the sandboxed installation path. Users are only at risk if installing packages from untrusted or compromised sources; Solus repository packages are unaffected.

Python Eopkg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-21428 HIGH POC PATCH This Week

Cpp-Httplib versions up to 0.30.0 contains a vulnerability that allows attackers to add extra headers, modify request body unexpectedly & trigger an SSRF attack (CVSS 7.5).

Python SSRF Cpp Httplib Red Hat Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-11157 PyPI HIGH PATCH This Week

A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at `feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py`. [CVSS 7.8 HIGH]

Python Kubernetes RCE Deserialization
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-66622 Cargo HIGH PATCH This Week

A serialization bug in matrix-sdk-base allows remote attackers to cause denial-of-service by sending rooms with custom m.room.join_rules values, which stalls the sync process and prevents all room processing. The vulnerability affects matrix-sdk-base versions 0.14.1 and prior and has a high availability impact (CVSS 7.5) with a patch available in version 0.16.0. With a low EPSS score of 0.06% and no KEV listing, this represents a moderate real-world risk primarily concerning service availability rather than active exploitation.

Denial Of Service Deserialization Python Matrix Rust Sdk
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2020-36876 HIGH POC This Week

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running on the device. Attackers can access sensitive information by visiting the message_log page.

Information Disclosure Python
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-66471 PyPI HIGH PATCH This Week

A security vulnerability in version 1.0 and (CVSS 7.5). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Information Disclosure Python Ubuntu Debian Urllib3 +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66418 PyPI HIGH PATCH This Week

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.

Python Denial Of Service Ubuntu Debian Urllib3 +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-6966 MEDIUM POC PATCH This Month

NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.

Null Pointer Dereference Python Denial Of Service Ubuntu Debian +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-54307 HIGH This Week

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The plupload_file_upload function handles these file uploads and constructs the destination file path by using either the name parameter or the uploaded filename, neither of which is properly sanitized. The file extension is extracted by splitting the filename, and a format string is used to construct the final file path, leaving the destination path vulnerable to path traversal. An authenticated attacker with network connectivity can write arbitrary files to the server, enabling remote code execution after overwriting an executable file. An example is the pdflatex executable, which is executed through subprocess.Popen in the write_report_pdf function after requests to a /report/latex/(\d+).pdf endpoint.

Path Traversal RCE Python Torrent Suite Software
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-54306 HIGH This Week

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when processing network configuration parameters through administrative endpoints. The application allows administrators to modify the server's network configuration through the Django application. This configuration is processed by Bash scripts (TSsetnoproxy and TSsetproxy) that write user-controlled data directly to environment variables without proper sanitization. After updating environment variables, the scripts execute a source command on /etc/environment; if an attacker injects malicious data into environment variables, this command can enable arbitrary command execution. The vulnerability begins with the /admin/network endpoint, which passes user-supplied form data as arguments to subprocess.Popen calls. The user-supplied input is then used to update environment variables in TSsetnoproxy and TSsetproxy, and finally source $environment is executed.

RCE Python Torrent Suite Software
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2025-54305 HIGH This Week

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTE_ADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user with local access to the server may bypass authentication.

Authentication Bypass Python Torrent Suite Software
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-54303 CRITICAL Act Now

A remote code execution vulnerability in Thermo Fisher Torrent Suite Django application 5.18.1 (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Information Disclosure Python Torrent Suite Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-12084 MEDIUM PATCH This Month

CVE-2025-12084 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Ubuntu Debian Python Red Hat +1
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-66416 PyPI HIGH POC PATCH GHSA This Week

CVE-2025-66416 is a security vulnerability (CVSS 8.1) that allows dns rebinding protection. High severity vulnerability requiring prompt remediation. Vendor patch is available.

Authentication Bypass Python Mcp Python Sdk Red Hat
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-64460 PyPI HIGH PATCH This Week

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in `django.core.serializers.xml_serializer.getInnerText()` allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML input processed by the XML `Deserializer`. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Seokchan Yoon for reporting this issue.

Information Disclosure Python Ubuntu Debian Django +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-13372 PyPI MEDIUM PATCH This Month

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue.

SQLi PostgreSQL Python Ubuntu Debian +3
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-66448 PyPI HIGH PATCH This Week

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.

RCE Python Code Injection Debian Vllm +1
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-13837 MEDIUM PATCH This Month

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

Denial Of Service Ubuntu Debian Python Red Hat +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-66034 PyPI MEDIUM POC PATCH This Month

fontTools is a library for manipulating fonts, written in Python. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. Public exploit code available.

RCE Python Fonttools Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-12638 HIGH PATCH This Week

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Python Red Hat
NVD
CVSS 3.0
8.0
EPSS
0.0%
CVE-2025-66040 PyPI LOW PATCH Monitor

Spotipy is a Python library for the Spotify Web API. Rated low severity (CVSS 3.6), this vulnerability is no authentication required. No vendor patch available.

XSS Python
NVD GitHub
CVSS 3.1
3.6
EPSS
0.0%
CVE-2025-66019 PyPI MEDIUM PATCH This Month

pypdf is a free and open-source pure-python PDF library. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Python Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
6.6
EPSS
0.1%
CVE-2025-62703 PyPI HIGH POC PATCH This Week

Fugue is a unified interface for distributed computing that lets users execute Python, Pandas, and SQL code on Spark, Dask, and Ray with minimal rewrites. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE Python Fugue
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-65106 PyPI HIGH PATCH This Month

LangChain is a framework for building agents and LLM-powered applications. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Python Ssti Langchain AI / ML +1
NVD GitHub
CVSS 4.0
8.3
EPSS
0.1%
CVE-2025-65015 PyPI CRITICAL POC PATCH Act Now

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Python Joserfc Red Hat Suse
NVD GitHub
CVSS 4.0
9.2
EPSS
0.1%
CVE-2025-64076 PyPI HIGH POC PATCH This Month

Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string() function of the C extension decoder (source/decoder.c): (1) Integer Underflow Leading to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Buffer Overflow Python Cbor2 +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-33184 HIGH This Month

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia Python Code Injection
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33183 HIGH This Month

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia Python Code Injection
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-63604 MEDIUM POC This Week

A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the execute_query method. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Authentication Bypass Python Aws Resources Mcp Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-63603 MEDIUM POC This Week

A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp-server-data-exploration) 0.1.6 in the safe_eval() function (src/mcp_server_ds/server.py:108). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Python Mcp Server For Data Exploration
NVD GitHub
CVSS 3.1
6.5
EPSS
2.7%
CVE-2025-41736 HIGH This Month

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP RCE Python Ewio2 M Firmware +2
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2025-64703 MEDIUM This Month

MaxKB is an open-source AI assistant for enterprise. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Python Maxkb
NVD GitHub
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-64511 HIGH This Month

MaxKB is an open-source AI assistant for enterprise. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Python Maxkb
NVD GitHub
CVSS 3.1
7.4
EPSS
0.1%
CVE-2025-61667 HIGH This Month

The Datadog Agent collects events and metrics from hosts and sends them to Datadog. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Python Microsoft Kubernetes Privilege Escalation Windows +1
NVD GitHub
CVSS 4.0
7.0
EPSS
0.0%
CVE-2025-30182 MEDIUM This Month

Uncontrolled search path for some Intel(R) Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Python Privilege Escalation
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2025-64484 Go HIGH PATCH This Month

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Python Red Hat
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2025-64182 PyPI MEDIUM POC PATCH GHSA This Month

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Python Openexr Red Hat +1
NVD GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-63397 MEDIUM POC This Month

Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broadcasting/type conversion. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Python Oneflow
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-12967 PyPI HIGH PATCH This Week

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Python Privilege Escalation
NVD GitHub
CVSS 4.0
8.6
EPSS
0.2%
CVE-2025-64459 PyPI CRITICAL POC PATCH GHSA Act Now

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Python Django Red Hat Suse
NVD Exploit-DB
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-64458 PyPI HIGH PATCH GHSA This Month

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Python Django Windows +2
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-61677 PyPI LOW PATCH Monitor

DataChain is a Python-based AI-data warehouse for transforming and analyzing unstructured data. Versions 0.34.1 and below allow for deseriaization of untrusted data because of the way the DataChain library reads serialized objects from environment variables (such as DATACHAIN__METASTORE and DATACHAIN__WAREHOUSE) in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads. This issue is fixed in version 0.34.2.

RCE Python Deserialization
NVD GitHub
CVSS 3.1
2.5
EPSS
0.1%
CVE-2025-53354 PyPI MEDIUM PATCH This Month

NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user’s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0.

XSS Python
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-59682 PyPI LOW PATCH Monitor

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.

Python Path Traversal Ubuntu Debian Django
NVD GitHub
CVSS 3.1
3.1
EPSS
0.0%
CVE-2025-59681 PyPI HIGH PATCH GHSA This Week

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).

SQLi Python Ubuntu Debian Django +2
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-61622 PyPI CRITICAL PATCH Act Now

Pickle deserialization RCE in pyfory 0.12.0-0.12.2 and pyfury 0.1.0-0.10.3.

RCE Deserialization Python Fory
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-8869 PyPI MEDIUM PATCH This Month

When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Information Disclosure Red Hat Suse
NVD GitHub
CVSS 4.0
5.9
EPSS
0.0%
CVE-2025-48868 HIGH POC PATCH This Week

Horilla is a free and open source Human Resource Management System (HRMS). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Python RCE Code Injection Horilla
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.2
EPSS
0.9%
CVE-2025-59420 PyPI HIGH POC PATCH This Month

Authlib is a Python library which builds OAuth and OpenID Connect servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Privilege Escalation Authlib Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

Remote code execution in Tendenci CMS versions 15.3.11 and below allows authenticated staff users to execute arbitrary code through unsafe pickle deserialization in the Helpdesk module's reporting function. The vulnerability stems from incomplete patching of CVE-2020-14942, where the run_report() function continues to use unsafe pickle.loads() despite the ticket_list() function being corrected. Public exploit code exists for this issue, though impact is limited to the privileges of the application's runtime user.

Python RCE Deserialization +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Remote code execution in vLLM 0.10.1 through 0.13.x lets an attacker who controls the model repository or path run arbitrary Python on the inference host: vLLM auto-loads Hugging Face `auto_map` dynamic modules during model resolution without honoring the `trust_remote_code` safety gate, so attacker-supplied code executes at server startup before any request is processed and without API access. The flaw carries a CVSS 9.8 and is fixed in 0.14.0, with Red Hat shipping multiple RHSA errata; however EPSS is only 0.06% (17th percentile) and there is no public exploit identified at time of analysis, so exploitation hinges on an attacker first influencing which model is loaded. This is a code-injection (CWE-94) trust-boundary bypass rather than a remotely reachable network service bug despite the AV:N rating.

Python Vllm Code Injection +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. [CVSS 5.3 MEDIUM]

Python Red Hat Suse
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

PLY (Python Lex-Yacc) library 3.11 has an unsafe feature enabling remote code execution through pickle deserialization of cached parser tables, with EPSS 0.91%.

Python RCE Deserialization +1
NVD GitHub VulDB
EPSS 0% CVSS 8.5
HIGH POC PATCH This Week

Authenticated users can exploit string formatting and exception handling in n8n's Python task executor to escape sandbox restrictions and execute arbitrary code on the underlying operating system, with full instance takeover possible in Internal execution mode. Public exploit code exists for this vulnerability, which affects n8n deployments running under Internal execution mode where the Python executor has direct OS access. External execution mode deployments using Docker sidecars have reduced impact as code execution is confined to the container rather than the main node.

Python Docker AI / ML +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

pyasn1 is a generic ASN.1 library for Python. versions up to 0.6.2 is affected by allocation of resources without limits or throttling (CVSS 7.5).

Python Denial Of Service Debian Linux +1
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Dask distributed is a distributed task scheduler for Dask. [CVSS 6.1 MEDIUM]

Linux Python AI / ML +1
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Memory-exhaustion denial of service in Google Keras 3.0.0 through 3.13.0 lets a remote attacker crash the Python interpreter by getting a victim to load a malicious .keras model archive. The crafted archive embeds a valid model.weights.h5 HDF5 file whose dataset declares an enormously large shape, so the weight loader attempts to allocate unbounded memory during deserialization. There is no public exploit identified at time of analysis, EPSS risk is low (0.03%), and a vendor fix is available.

Google Python Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

BlackSheep's HTTP client prior to version 2.4.6 is vulnerable to CRLF injection due to insufficient header validation, allowing attackers to inject malicious headers or forge HTTP requests when developers pass unsanitized user input into header fields. Only applications using BlackSheep as an HTTP client are affected; the server component is not impacted. A patch is available in version 2.4.6 and later.

Python Blacksheep
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tdarr 2.00.15 media transcoding server has unauthenticated RCE through command injection in the Help terminal. Commands can be chained without any input filtering. PoC available.

Python RCE Tdarr
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Remote code execution in Azure Core Shared Client Library for Python results from insecure deserialization of untrusted data, allowing authenticated network-based attackers to achieve arbitrary code execution. The vulnerability affects Python applications utilizing the vulnerable library versions, with no patch currently available. This represents a high-severity risk for Azure SDK consumers handling external or user-supplied serialized data.

Python Azure Deserialization +2
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Virtualenv versions up to 20.36.1 is affected by improper link resolution before file access (CVSS 4.5).

Python Race Condition Virtualenv +2
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Python's filelock SoftFileLock implementation prior to version 3.20.3 contains a TOCTOU race condition that allows local attackers with symlink creation privileges to interfere with lock file operations between permission validation and file creation. An attacker can exploit this window to create a symlink at the target lock path, causing lock operations to fail or redirect to unintended files, resulting in denial of service or unexpected behavior. Upgrade to filelock version 3.20.3 or later to remediate this vulnerability.

Python Denial Of Service Race Condition +3
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

pypdf versions prior to 6.6.0 are vulnerable to denial of service through CPU exhaustion when processing malformed PDF files with crafted startxref entries in non-strict reading mode. An attacker can create a specially crafted PDF containing excessive whitespace that causes the library to consume significant processing resources during cross-reference table reconstruction. A patch is available in version 6.6.0 and later.

Python Pypdf Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Denial of service via resource exhaustion in pypdf prior to version 6.6.0 allows remote attackers to trigger excessive processing times by submitting specially crafted PDF files with missing /Root objects and inflated /Size values. The vulnerability only affects non-strict parsing mode and causes the library to consume significant CPU resources when processing otherwise invalid documents. A patch is available in version 6.6.0 and later.

Python Pypdf Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Fickling versions prior to 0.1.7 fail to properly detect malicious pickle payloads due to inadequate handling of the "builtins" module, allowing attackers to bypass security analysis and potentially execute arbitrary code. This vulnerability affects Python environments using vulnerable versions of Fickling for pickle inspection and static analysis. An attacker can craft specially designed pickle files that evade detection mechanisms, compromising the integrity of pickle validation workflows.

Python AI / ML Fickling
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Fickling's static analyzer before version 0.1.7 fails to detect several dangerous Python modules in pickled objects, enabling attackers to craft malicious pickles that bypass safety checks and achieve arbitrary code execution. This vulnerability affects users relying on Fickling to validate untrusted serialized Python objects for safety. Public exploit code exists for this HIGH severity vulnerability, though a patch is available in version 0.1.7 and later.

Python Deserialization AI / ML +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Fickling before version 0.1.7 allows local attackers to achieve arbitrary code execution through Python pickle deserialization by chaining unblocked ctypes and pydoc modules, bypassing the tool's safety scanner which incorrectly reports malicious files as LIKELY_SAFE. An attacker with user interaction can exploit this vulnerability to execute code with the privileges of the Python process. A patch is available in version 0.1.7 and later.

Python RCE Deserialization +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Fickling's static analyzer through version 0.1.6 fails to properly classify the cProfile module as unsafe during pickle analysis, causing malicious pickles leveraging cProfile.run() to be marked as SUSPICIOUS rather than OVERTLY_MALICIOUS. Organizations using Fickling as a security gate for deserialization decisions may be deceived into executing attacker-controlled code. Public exploit code exists for this vulnerability, and patches are available in version 0.1.7 and later.

Python Deserialization AI / ML +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Fickling's incomplete pickle analysis allows attackers to bypass security checks by using Python's runpy module to execute arbitrary code. Versions through 0.1.6 misclassify dangerous runpy-based payloads as merely suspicious rather than malicious, enabling code execution on systems that rely on Fickling to validate pickle safety. Public exploit code exists for this vulnerability, though a patch is available in version 0.1.7.

Python Deserialization AI / ML +1
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM POC PATCH This Month

Authlib is a Python library which builds OAuth and OpenID Connect servers. [CVSS 5.7 MEDIUM]

Python CSRF Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Logging Redactor prior to version 0.0.6 fails to properly handle non-string data types during redaction operations, causing type conversion errors that can disrupt log formatting and integrity checks. Public exploit code exists for this vulnerability, allowing attackers to craft inputs that bypass the redaction mechanism or cause denial of service through malformed log output. Users of Logging Redactor should upgrade to version 0.0.6 or later, as no patch is currently available for affected earlier versions.

Python Logging Redactor
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

SQL injection in Parsl's visualization dashboard allows unauthenticated attackers to execute arbitrary database queries through unsafe string formatting of the workflow_id parameter. Public exploit code exists for this vulnerability, enabling potential data theft or database denial of service attacks against the monitoring infrastructure. The issue affects Parsl versions prior to 2026.01.05, which includes the fix.

Python SQLi Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

NiceGUI versions 2.10.0 through 3.4.1 fail to properly release Redis connections when users open and close browser tabs, allowing unauthenticated attackers to exhaust the Redis connection pool and degrade service functionality. An attacker can repeatedly trigger connection leaks without authentication, causing storage errors and degraded performance once connection limits are reached. Public exploit code exists for this vulnerability, which is patched in version 3.5.0.

Python Redis Nicegui
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC PATCH This Week

NiceGUI versions 2.22.0 through 3.4.1 contain a cross-site DOM-based XSS vulnerability in the pushstate event listener for ui.sub_pages that allows attackers to manipulate URL fragment identifiers via iframe injection. Public exploit code exists for this vulnerability, and affected users should upgrade to version 3.5.0 or later as no patch is currently available for vulnerable versions.

Python Nicegui
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

NiceGUI versions 2.22.0 through 3.4.1 contain a stored cross-site scripting vulnerability in the click event listener of ui.sub_pages that executes attacker-controlled JavaScript when users click malicious links on the page. Public exploit code exists for this vulnerability, and affected users should upgrade to version 3.5.0 or later immediately. The vulnerability requires user interaction but can impact confidentiality and integrity with network-accessible exploitation.

Python XSS Nicegui
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in NiceGUI versions 2.13.0 through 3.4.1 allows attackers to execute arbitrary JavaScript in users' browsers when applications pass untrusted input to the ui.navigate.history.push() or ui.navigate.history.replace() functions due to improper string escaping in generated JavaScript. Public exploit code exists for this vulnerability, and developers using affected versions should upgrade to 3.5.0 or later, or avoid passing user-controlled data to these navigation helpers. Applications that only use these functions with trusted, hardcoded URLs are unaffected.

Python XSS Nicegui
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Bokeh versions 3.8.1 and below allow attackers to bypass Origin validation in WebSocket connections by registering domains that suffix-match allowlisted domains (e.g., dashboard.corp.attacker.com for allowlist entry dashboard.corp), enabling unauthorized server interaction. Public exploit code exists for this vulnerability, which could allow attackers to access sensitive data or modify visualizations on behalf of victims. The issue is resolved in Bokeh 3.8.2.

Python Bokeh Red Hat +1
NVD GitHub
EPSS 0%
PATCH This Week

A vulnerability in the handling of verify_mode = CERT_REQUIRED in the wolfssl Python package (wolfssl-py) causes client certificate requirements to not be fully enforced.

Python TLS
NVD GitHub
EPSS 0% CVSS 8.9
HIGH PATCH This Week

Uncontrolled resource consumption in the Python urllib3 HTTP client library (versions 1.22 through 2.6.2) lets a malicious or compromised server crash or exhaust memory on the client by serving a compressed redirect response. When an application streams from an untrusted source with preload_content=False and has not disabled redirects, urllib3 eagerly drains and decompresses the entire redirect body before any read call, ignoring configured read limits, leaving no defense against decompression bombs. EPSS is low (0.03%), there is no public exploit identified at time of analysis, and it is not in CISA KEV, but the bug is broadly reachable given urllib3's ubiquity.

Python Urllib3 Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Panda3D's deploy-stub executable up to version 1.10.16 is vulnerable to denial of service through unvalidated stack allocation based on command-line argument counts, allowing local attackers to crash the application by supplying excessive arguments. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw can trigger reliable crashes and undefined behavior during Python interpreter initialization.

Python Denial Of Service Panda3d
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. [CVSS 7.8 HIGH]

Python One Data Loss Prevention
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. [CVSS 5.3 MEDIUM]

Python Aiohttp Red Hat +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. [CVSS 5.3 MEDIUM]

Python Denial Of Service Aiohttp +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. [CVSS 7.5 HIGH]

Python Aiohttp Red Hat +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. [CVSS 7.5 HIGH]

Python Denial Of Service Aiohttp +2
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. [CVSS 5.3 MEDIUM]

Python Aiohttp Red Hat +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. [CVSS 5.3 MEDIUM]

Python Path Traversal Aiohttp +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. [CVSS 6.5 MEDIUM]

Python Aiohttp Red Hat +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. [CVSS 7.5 HIGH]

Python Aiohttp Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Eopkg package manager versions before 4.4.0 fail to track files included in malicious packages, allowing undetected file installation when users install from compromised sources. An attacker can distribute packages containing hidden files that evade detection by package management tools like lseopkg. Users installing exclusively from official Solus repositories are unaffected.

Python Eopkg
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Eopkg package manager versions before 4.4.0 fail to enforce the --destdir installation path, allowing malicious packages to write files to arbitrary locations on the host filesystem. An attacker can exploit this by distributing a compromised package that bypasses the intended installation directory, potentially overwriting system files or placing malicious content outside the sandboxed installation path. Users are only at risk if installing packages from untrusted or compromised sources; Solus repository packages are unaffected.

Python Eopkg
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Cpp-Httplib versions up to 0.30.0 contains a vulnerability that allows attackers to add extra headers, modify request body unexpectedly & trigger an SSRF attack (CVSS 7.5).

Python SSRF Cpp Httplib +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at `feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py`. [CVSS 7.8 HIGH]

Python Kubernetes RCE +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A serialization bug in matrix-sdk-base allows remote attackers to cause denial-of-service by sending rooms with custom m.room.join_rules values, which stalls the sync process and prevents all room processing. The vulnerability affects matrix-sdk-base versions 0.14.1 and prior and has a high availability impact (CVSS 7.5) with a patch available in version 0.16.0. With a low EPSS score of 0.06% and no KEV listing, this represents a moderate real-world risk primarily concerning service availability rather than active exploitation.

Denial Of Service Deserialization Python +1
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH POC This Week

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running on the device. Attackers can access sensitive information by visiting the message_log page.

Information Disclosure Python
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A security vulnerability in version 1.0 and (CVSS 7.5). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Information Disclosure Python Ubuntu +4
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.

Python Denial Of Service Ubuntu +4
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.

Null Pointer Dereference Python Denial Of Service +5
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The plupload_file_upload function handles these file uploads and constructs the destination file path by using either the name parameter or the uploaded filename, neither of which is properly sanitized. The file extension is extracted by splitting the filename, and a format string is used to construct the final file path, leaving the destination path vulnerable to path traversal. An authenticated attacker with network connectivity can write arbitrary files to the server, enabling remote code execution after overwriting an executable file. An example is the pdflatex executable, which is executed through subprocess.Popen in the write_report_pdf function after requests to a /report/latex/(\d+).pdf endpoint.

Path Traversal RCE Python +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when processing network configuration parameters through administrative endpoints. The application allows administrators to modify the server's network configuration through the Django application. This configuration is processed by Bash scripts (TSsetnoproxy and TSsetproxy) that write user-controlled data directly to environment variables without proper sanitization. After updating environment variables, the scripts execute a source command on /etc/environment; if an attacker injects malicious data into environment variables, this command can enable arbitrary command execution. The vulnerability begins with the /admin/network endpoint, which passes user-supplied form data as arguments to subprocess.Popen calls. The user-supplied input is then used to update environment variables in TSsetnoproxy and TSsetproxy, and finally source $environment is executed.

RCE Python Torrent Suite Software
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTE_ADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user with local access to the server may bypass authentication.

Authentication Bypass Python Torrent Suite Software
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

A remote code execution vulnerability in Thermo Fisher Torrent Suite Django application 5.18.1 (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Information Disclosure Python Torrent Suite Software
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

CVE-2025-12084 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Ubuntu Debian +3
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

CVE-2025-66416 is a security vulnerability (CVSS 8.1) that allows dns rebinding protection. High severity vulnerability requiring prompt remediation. Vendor patch is available.

Authentication Bypass Python Mcp Python Sdk +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in `django.core.serializers.xml_serializer.getInnerText()` allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML input processed by the XML `Deserializer`. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Seokchan Yoon for reporting this issue.

Information Disclosure Python Ubuntu +4
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue.

SQLi PostgreSQL Python +5
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.

RCE Python Code Injection +3
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

Denial Of Service Ubuntu Debian +3
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM POC PATCH This Month

fontTools is a library for manipulating fonts, written in Python. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required. Public exploit code available.

RCE Python Fonttools +2
NVD GitHub VulDB
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Python +1
NVD
EPSS 0% CVSS 3.6
LOW PATCH Monitor

Spotipy is a Python library for the Spotify Web API. Rated low severity (CVSS 3.6), this vulnerability is no authentication required. No vendor patch available.

XSS Python
NVD GitHub
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

pypdf is a free and open-source pure-python PDF library. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Python Red Hat +1
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Fugue is a unified interface for distributed computing that lets users execute Python, Pandas, and SQL code on Spark, Dask, and Ray with minimal rewrites. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE Python +1
NVD GitHub
EPSS 0% CVSS 8.3
HIGH PATCH This Month

LangChain is a framework for building agents and LLM-powered applications. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Python Ssti +3
NVD GitHub
EPSS 0% CVSS 9.2
CRITICAL POC PATCH Act Now

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Python Joserfc +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Month

Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decode_definite_long_string() function of the C extension decoder (source/decoder.c): (1) Integer Underflow Leading to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Buffer Overflow +4
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia +2
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Week

A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the execute_query method. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection RCE Authentication Bypass +2
NVD GitHub
EPSS 3% CVSS 6.5
MEDIUM POC This Week

A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp-server-data-exploration) 0.1.6 in the safe_eval() function (src/mcp_server_ds/server.py:108). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Python Mcp Server For Data Exploration
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Month

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP RCE +4
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

MaxKB is an open-source AI assistant for enterprise. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Python Maxkb
NVD GitHub
EPSS 0% CVSS 7.4
HIGH This Month

MaxKB is an open-source AI assistant for enterprise. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Python Maxkb
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Month

The Datadog Agent collects events and metrics from hosts and sends them to Datadog. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Python Microsoft Kubernetes +3
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Rated medium severity (CVSS 5.4). No vendor patch available.

Intel Python Privilege Escalation
NVD
EPSS 0% CVSS 8.5
HIGH PATCH This Month

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Python +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Python +3
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broadcasting/type conversion. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Python Oneflow
NVD GitHub
EPSS 0% CVSS 8.6
HIGH PATCH This Week

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Python Privilege Escalation
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL POC PATCH Act Now

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Python Django +2
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH PATCH This Month

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Python +4
NVD
EPSS 0% CVSS 2.5
LOW PATCH Monitor

DataChain is a Python-based AI-data warehouse for transforming and analyzing unstructured data. Versions 0.34.1 and below allow for deseriaization of untrusted data because of the way the DataChain library reads serialized objects from environment variables (such as DATACHAIN__METASTORE and DATACHAIN__WAREHOUSE) in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads. This issue is fixed in version 0.34.2.

RCE Python Deserialization
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting (XSS) when developers render unescaped user input into the DOM using ui.html(). NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input() with ui.html() or ui.chat_message with HTML content without escaping may allow attackers to execute arbitrary JavaScript in the user’s browser. Applications that do not pass untrusted input into ui.html() are not affected. This issue is fixed in version 3.0.0.

XSS Python
NVD GitHub
EPSS 0% CVSS 3.1
LOW PATCH Monitor

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.

Python Path Traversal Ubuntu +2
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to these methods (on MySQL and MariaDB).

SQLi Python Ubuntu +4
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Pickle deserialization RCE in pyfory 0.12.0-0.12.2 and pyfury 0.1.0-0.10.3.

RCE Deserialization Python +1
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Information Disclosure Red Hat +1
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

Horilla is a free and open source Human Resource Management System (HRMS). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Python RCE Code Injection +1
NVD GitHub Exploit-DB VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Month

Authlib is a Python library which builds OAuth and OpenID Connect servers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Privilege Escalation Authlib +1
NVD GitHub
Prev Page 11 of 25 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy