python-pip
python-pip
- CVE-2026-14480 - OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the legacy web UI program‑u
- CVE-2026-40006 - Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Aut
- CVE-2026-40007 - Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB
- CVE-2026-40008 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Apache IoT
- CVE-2026-54071 - BabelDOC: Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py
- CVE-2026-54149 - MaxKB is an open-source AI assistant for enterprise
- CVE-2026-55659 - Grist is spreadsheet software using Python as its formula language
- CVE-2026-59796 - In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks
- CVE-2026-61437 - PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability
- CVE-2026-61444 - PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file
- CVE-2026-49476 - Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists
- CVE-2026-49477 - Soup Sieve: Regular Expression Denial of Service (ReDoS) via Selector Parser
- CVE-2026-54695 - Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents
- CVE-2026-54769 - Langroid is a framework for building large-language-model-powered applications
- CVE-2026-55865 - Python Liquid is a Python engine for the Liquid template language
- CVE-2026-59214 - Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform
- CVE-2026-59216 - Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform
- CVE-2026-49471 - Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE
- CVE-2026-49825 - lxml_html_clean.Cleaner does not strip javascript: URLs from namespaced URL attributes
- CVE-2026-54499 - Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many huma
- CVE-2026-54591 - AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 prot
- CVE-2026-54772 - CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core
- CVE-2026-55195 - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and
- CVE-2026-55206 - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and
- CVE-2026-55830 - RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a prog
- CVE-2026-59922 - Mistune is a Python Markdown parser with renderers and plugins
- CVE-2026-59935 - pypdf is a free and open-source pure-python PDF library
- CVE-2026-59936 - pypdf is a free and open-source pure-python PDF library
- CVE-2026-59937 - pypdf is a free and open-source pure-python PDF library
- CVE-2026-59939 - httplib2 is a comprehensive HTTP client library for Python
- CVE-2025-46719 - Open WebUI vulnerable to stored XSS via unescaped markdown token in MarkdownTokens.svelte leading to full account takeov
- CVE-2026-26192 - Open WebUI vulnerable to Stored XSS via iFrame in citations model
- CVE-2026-26193 - Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages
- CVE-2026-14535 - In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditional
- CVE-2022-37331 - Open Babel has out-of-bounds write in Gaussian coords_type orientation parser
- CVE-2022-41793 - Open Babel has out-of-bounds write in CSR PadString (title field)
- CVE-2022-42885 - Open Babel has uninitialized pointer dereference in GRO residue parser
- CVE-2022-43467 - Open Babel has out-of-bounds write in PQS coord_file parser
- CVE-2022-43607 - Open Babel has out-of-bounds write in MOL2 attribute/value parser
- CVE-2022-44451 - Open Babel has uninitialized pointer dereference in MSI atom parser
- CVE-2022-46280 - Open Babel has uninitialized pointer dereference in PQS pFormat
- CVE-2022-46289 - Open Babel has out-of-bounds write in ORCA nAtoms parser
- CVE-2022-46290 - Open Babel has out-of-bounds write in ORCA nAtoms parser (second variant)
- CVE-2022-46291 - Open Babel has out-of-bounds write in Gaussian translationVectors[]
- CVE-2022-46293 - Open Babel has out-of-bounds write in MOPAC translationVectors[] (FINAL POINT)
- CVE-2022-46294 - Open Babel has out-of-bounds write in MOPAC IN translationVectors[] (Tv atom)
- CVE-2022-46295 - Open Babel has out-of-bounds write in MSI translationVectors[]
- CVE-2025-10997 - Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies
- CVE-2026-57516 - Ray prior to 2.56.0 contains an unsafe deserialization vulnerability in the WebDataset reader that allows atta
- CVE-2026-6682 - In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats
- CVE-2025-10996 - Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles
- CVE-2025-71349 - picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, al
- CVE-2025-71350 - picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in
- CVE-2025-71352 - picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle f
- CVE-2025-71363 - picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attack
- CVE-2025-71368 - picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowi
- CVE-2025-71371 - picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in r
- CVE-2025-71374 - picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle
- CVE-2026-12243 - NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504
- CVE-2026-57585 - MessagePack is the serializer implementation for Python msgpack.org
- CVE-2026-58116 - LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI ac
- CVE-2026-58172 - Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows d
- CVE-2026-58370 - Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author
- CVE-2026-58377 - JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege
- CVE-2026-13749 - Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior
- CVE-2026-57346 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed
- CVE-2026-57919 - PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS)
- CVE-2026-33646 - mise manages dev tools like node, python, cmake, and terraform
- CVE-2026-48797 - Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication
- CVE-2026-48802 - python-engineio has unbound thread allocation that can cause denial of service
- CVE-2026-48804 - python-socketio: Binary attachment accumulation can cause denial of service
- CVE-2026-48809 - python-engineio has possible denial of service due to maximum payload size sometimes not being enforced
- CVE-2026-49257 - mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind
- CVE-2026-49291 - mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call
- CVE-2026-49869 - Kestra is an open-source, event-driven orchestration platform
- CVE-2026-53284 - In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tre
- CVE-2026-53194 - In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buff
- CVE-2026-53228 - In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after
- CVE-2026-57456 - Vim is an open source, command line text editor
- CVE-2026-8592 - OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux a
- CVE-2026-44017 - Docling simplifies document processing by parsing diverse formats and providing integrations with the generati
- CVE-2026-49851 - Mistune is a Python Markdown parser with renderers and plugins
- CVE-2026-56121 - Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthoriz
- CVE-2026-49444 - n8n is an open source workflow automation platform
- CVE-2026-53753 - Crawl4AI is an open-source LLM friendly web crawler & scraper
- CVE-2026-41523 - vLLM is an inference and serving engine for large language models (LLMs)
- CVE-2026-50269 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54273 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54274 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54275 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54277 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54278 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54279 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54280 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2026-54293 - NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting
- CVE-2025-71348 - picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_co
- CVE-2025-71357 - picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runc
- CVE-2025-71378 - picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowin
- CVE-2026-50203 - Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory
- CVE-2026-45830 - A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authen
- CVE-2026-45832 - All V1 collection-level endpoints in ChromaDB's Python project pass None for the tenant and database to the au
- CVE-2026-45833 - A code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticat
- CVE-2026-48006 - Netty is a network application framework for development of protocol servers and clients
- CVE-2026-11816 - Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities lo
- CVE-2026-52860 - Vim is an open source, command line text editor
- CVE-2026-41567 - Moby is an open source container framework
- CVE-2026-10840 - A flaw was found in the OpenShift Pipelines operator
- CVE-2026-5241 - A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attack
- CVE-2026-3514 - Prefect has an Authentication Middleware Bypass when URL paths are appended with 'health' or 'ready'
- CVE-2026-47117 - OpenMed vulnerable to remote code injection through privacy-filter model loading path
- CVE-2026-40961 - Apache Airflow: Authenticated users can bypass the is_safe_url check
- CVE-2026-41084 - Apache Airflow Vulnerable to Authorization Bypass Through User-Controlled Key
- CVE-2026-42252 - Apache Airflow vulnerable to Improper Neutralization of Special Elements Used in a Template Engine
- CVE-2026-42359 - Apache Airflow has a Deserialization of Untrusted Data vulnerability
- CVE-2026-45360 - Apache Airflow Vulnerable to Deserialization of Untrusted Data
- CVE-2026-49121 - AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerabili
- CVE-2026-49298 - Apache Airflow: Execution API JWT leaked via KubernetesExecutor worker command-line args
- CVE-2026-48526 - PyJWT is a JSON Web Token implementation in Python
- CVE-2026-49014 - GDAL: scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow
- CVE-2026-49017 - OpenStack Swift: s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body
- CVE-2026-8450 - HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file()
- CVE-2026-2651 - MLflow allows unauthorized access to multipart upload endpoints when the --serve-artifacts mode is enabled
- CVE-2026-3515 - Prefect has an Argument Injection issue
- CVE-2026-4372 - HuggingFace transformers vulnerable to remote code execution
- CVE-2026-45361 - Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default
- CVE-2026-48207 - Apache Fory PyFory Deserialization of Untrusted Data
- CVE-2026-48989 - Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS
- CVE-2026-31072 - The JSONSerializer and CBORSerializer in APScheduler (all versions including 3.10.x and 4.0.0a5) are vulnerabl
- CVE-2026-46373 - SQLFluff: Recursive Stack Overflow in Parser
- CVE-2026-46374 - SQLFluff: Uncontrolled Resource Consumption in SQLFluff Parser
- CVE-2026-42561 - Python-Multipart is a streaming multipart parser for Python
- CVE-2026-42584 - Netty is an asynchronous, event-driven network application framework
- CVE-2026-44432 - urllib3 is an HTTP client library for Python
- CVE-2026-27851 - When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly i
- CVE-2026-31228 - The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a remote code execution vulnerability in its Kub
- CVE-2026-31230 - The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability
- CVE-2026-31236 - The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line
- CVE-2026-31253 - flash-attention contains an insecure deserialization vulnerability in its checkpoint loading mechanism
- CVE-2026-43284 - In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on share
- CVE-2026-29080 - Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API
- CVE-2026-29090 - Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API
- CVE-2026-43114 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't retu
- CVE-2026-43232 - In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs
- CVE-2026-40110 - Jupyter Server is the backend for Jupyter web applications
- CVE-2026-43003 - An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0
- CVE-2026-40048 - The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of <keyId>.key files in the confi
- CVE-2026-41140 - Poetry is a dependency manager for Python
- CVE-2026-6859 - A flaw was found in InstructLab. The linux_train.py script hardcodes trust_remote_code=True when loading m
- CVE-2026-40938 - Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines
- CVE-2026-54333 - UEFI Firmware Parser has a stack out-of-bounds write in tiano decompressor MakeTable
- CVE-2026-54334 - UEFI Firmware Parser has a heap out-of-bounds write in tiano decompressor ReadCLen
- CVE-2026-40192 - Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed
- CVE-2026-40164 - jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHas
- CVE-2026-39892 - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers
- CVE-2026-1114 - LoLLMs is vulnerable to Improper Access Control through weak secret key
- CVE-2026-34444 - Lupa integrates the runtimes of Lua or LuaJIT2 into CPython
- CVE-2026-35029 - LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format
- CVE-2026-32871 - FastMCP is a Pythonic way to build MCP servers and clients
- CVE-2025-15379 - A command injection vulnerability exists in MLflow's model serving container initialization code, specifically
- CVE-2026-23351 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into u
- CVE-2026-33211 - Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines
- CVE-2026-32874 - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+
- CVE-2026-32875 - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+
- CVE-2026-33231 - NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting
- CVE-2026-33236 - NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting
- CVE-2026-27459 - pyOpenSSL is a Python wrapper around the OpenSSL library
- CVE-2025-14287 - A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the mlflow/
- CVE-2026-27962 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-28498 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2026-32640 - SimpleEval is a library for adding evaluatable expressions into python projects
- CVE-2026-32597 - PyJWT is a JSON Web Token implementation in Python
- CVE-2026-28356 - multipart is a fast multipart/form-data parser for python
- CVE-2026-32274 - Black is the uncompromising Python code formatter
- CVE-2026-29186 - Backstage is an open framework for building developer portals
- CVE-2026-28802 - Authlib is a Python library which builds OAuth and OpenID Connect servers
- CVE-2025-69534 - Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser
- CVE-2026-0847 - A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in mu
- CVE-2026-25673 - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29
- CVE-2026-26955 - FreeRDP is a free implementation of the Remote Desktop Protocol
- CVE-2026-27483 - MindsDB: Path Traversal in /api/files Leading to Remote Code Execution
- CVE-2025-14009 - A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions
- CVE-2025-71220 - In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbd_session_rpc_close()
- CVE-2025-69872 - DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default
- CVE-2026-25990 - Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when
- CVE-2026-25580 - Pydantic AI is a Python agent framework for building applications and workflows with Generative AI
- CVE-2026-24486 - Python-Multipart is a streaming multipart parser for Python
- CVE-2026-24747 - PyTorch is a Python package that provides tensor computation
- CVE-2026-24779 - vLLM is an inference and serving engine for large language models (LLMs)
- CVE-2026-0994 - A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the
- CVE-2026-24049 - wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427
- CVE-2025-56005 - An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE
- CVE-2026-23876 - ImageMagick is free and open-source software used for editing and manipulating digital images
- CVE-2026-23490 - pyasn1 is a generic ASN.1 library for Python
- CVE-2026-0897 - Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0
- CVE-2026-21441 - urllib3 is an HTTP client library for Python
- CVE-2025-69223 - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python
- CVE-2025-11157 - A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in
- CVE-2025-7346 - pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages
- CVE-2025-38201 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum m
- CVE-2024-22416 - Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalation
- CVE-2023-45815 - Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context