Vulnerabilities

Recent vulnerabilities


PySec 🐍

Recent vulnerabilities · 4105 entries
| ID | Severity (CVSS version) | Description | Package | Published | Updated |
| --- | --- | --- | --- | --- | --- |
| pysec-2026-616 | 7.3 (3.1) | Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.917Z | 2026-07-03T12:58:59.937124Z |
| pysec-2026-615 | 4.3 (3.1) | Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.787Z | 2026-07-03T12:58:59.841624Z |
| pysec-2026-614 | 6.5 (3.1) | Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.653Z | 2026-07-03T12:58:59.721161Z |
| pysec-2026-613 | 2.7 (3.1) | Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.523Z | 2026-07-03T12:58:59.603248Z |
| pysec-2026-612 | 4.3 (3.1) | Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.297Z | 2026-07-03T12:58:59.464451Z |
| pysec-2025-102 | 6.6 (3.1) | Local File Inclusion in dagster._grpc.impl.get_notebook_data in Dagster 1.10.14 allows at… | dagster-ge | 2025-07-22T17:15:33.543Z | 2026-07-02T16:38:31.076371Z |
| pysec-2026-564 | 9.1 (3.1) | In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a use… | vitrage | 2026-06-29T11:50:51.052829Z | 2026-07-02T12:46:52.359910Z |
| pysec-2026-529 | 9.6 (3.1) | Directory traversal vulnerability in recv_file method allows arbitrary files to be writte… | salt | 2026-06-29T11:50:38.396059Z | 2026-07-02T12:46:49.599506Z |
| pysec-2026-528 | 9.9 (3.1), 9.4 (4.0) | ### Summary A SQL injection vulnerability in the Oracle path of `FilterEngine.create_sql… | rucio | 2026-06-29T11:50:50.519440Z | 2026-07-02T12:46:49.461769Z |
| pysec-2026-527 | 9.9 (3.1), 9.0 (4.0) | ### Summary A SQL injection vulnerability in `FilterEngine.create_postgres_query` allows… | rucio | 2026-06-29T11:50:49.082878Z | 2026-07-02T12:46:49.308804Z |
| pysec-2026-510 | 9.8 (3.1) | ### Impact A maliciously crafted QPY file can potentially execute arbitrary-code embedde… | qiskit | 2026-06-29T11:50:34.769394Z | 2026-07-02T12:46:47.918376Z |
| pysec-2026-461 | 9.6 (3.1) | The `execute_command` function and workflow shell execution are exposed to user-controlle… | praisonai | 2026-06-29T11:50:47.321761Z | 2026-07-02T12:46:43.492217Z |
| pysec-2026-440 | 9.1 (3.1) | In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 di… | os-vif | 2026-06-29T11:50:32.870631Z | 2026-07-02T12:46:41.101315Z |
| pysec-2026-433 | 9.1 (3.1) | Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allow… | octavia | 2026-06-29T11:50:32.761316Z | 2026-07-02T12:46:40.385416Z |
| pysec-2026-431 | 9.1 (3.1) | The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows re… | neutron | 2026-06-29T11:50:32.602905Z | 2026-07-02T12:46:40.013240Z |
| pysec-2026-373 | 9.3 (3.1) | ## Summary A serialization injection vulnerability exists in LangChain's `dumps()` and `… | langchain-core | 2026-06-29T11:50:38.732432Z | 2026-07-02T12:46:34.720444Z |
| pysec-2026-361 | 9.2 (4.0) | ### Summary The `ExceededSizeError` exception messages are embedded with non-decoded JWT … | joserfc | 2026-06-29T11:50:36.396676Z | 2026-07-02T12:46:33.470203Z |
| pysec-2026-360 | 9.1 (3.1) | A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 … | ipsilon | 2026-06-29T11:50:32.271750Z | 2026-07-02T12:46:33.387299Z |
| pysec-2026-344 | 9.3 (4.0) | A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit… | google-adk | 2026-06-29T11:50:47.550836Z | 2026-07-02T12:46:31.941760Z |
| pysec-2026-316 | 9.8 (3.1) | ### Summary utils.get_shared_secret() always returns -1 - allows anyone to connect to co… | cobbler | 2026-06-29T11:50:40.621509Z | 2026-07-02T12:46:28.475482Z |
| pysec-2026-312 | 9.8 (3.1) | Specific vulnerabilities: * Arbitrary file write in `resource_create` and `package_updat… | ckan | 2026-06-29T11:50:42.696551Z | 2026-07-02T12:46:28.203386Z |
| pysec-2026-290 | 9.8 (3.1) | Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary… | backend-ai | 2026-06-29T11:50:38.333670Z | 2026-07-02T12:46:26.496828Z |
| pysec-2026-284 | 9.9 (3.1) | ### Impact When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Da… | aries-cloudagent | 2026-06-29T11:50:41.397353Z | 2026-07-02T12:46:25.890941Z |
| pysec-2026-265 | 9.1 (3.1) | ## 1. Summary The Binary Stream Capture (BSC) component exposes an unauthenticated HTTP … | ait-core | 2026-06-29T11:50:52.843259Z | 2026-07-02T12:46:24.494788Z |
| pysec-2026-508 | 9.8 (3.1), 9.3 (4.0) | # Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions **Published:… | pytorch-lightning | 2026-06-29T11:50:50.913630Z | 2026-07-02T12:33:00Z |
| pysec-2026-432 | 9.8 (3.1) | An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14… | nova | 2026-06-29T11:50:32.179235Z | 2026-07-02T12:33:00Z |
| pysec-2009-13 | | MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to… | moin | 2009-04-03T18:30:00Z | 2026-07-02T12:33:00Z |
| pysec-2007-4 | | Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrar… | plone | 2007-11-07T21:46:00Z | 2026-07-02T12:33:00Z |
| pysec-2026-603 | 8.1 (3.1) | An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token… | keystone | 2026-05-28T19:16:38.223Z | 2026-07-02T12:26:33.242409Z |
| pysec-2026-602 | 8.0 (3.1) | An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not… | keystone | 2026-05-01T09:16:17.273Z | 2026-07-02T12:26:33.147876Z |