Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
Select from 78 available sources using the dropdown above.
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2026-616 |
7.3 (3.1)
|
Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.917Z | 2026-07-03T12:58:59.937124Z |
| pysec-2026-615 |
4.3 (3.1)
|
Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.787Z | 2026-07-03T12:58:59.841624Z |
| pysec-2026-614 |
6.5 (3.1)
|
Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.653Z | 2026-07-03T12:58:59.721161Z |
| pysec-2026-613 |
2.7 (3.1)
|
Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.523Z | 2026-07-03T12:58:59.603248Z |
| pysec-2026-612 |
4.3 (3.1)
|
Wagtail is an open source content management system built on Django. In versions prior to… | wagtail | 2026-07-01T22:16:49.297Z | 2026-07-03T12:58:59.464451Z |
| pysec-2025-102 |
6.6 (3.1)
|
Local File Inclusion in dagster._grpc.impl.get_notebook_data in Dagster 1.10.14 allows at… | dagster-ge | 2025-07-22T17:15:33.543Z | 2026-07-02T16:38:31.076371Z |
| pysec-2026-564 |
9.1 (3.1)
|
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a use… | vitrage | 2026-06-29T11:50:51.052829Z | 2026-07-02T12:46:52.359910Z |
| pysec-2026-529 |
9.6 (3.1)
|
Directory traversal vulnerability in recv_file method allows arbitrary files to be writte… | salt | 2026-06-29T11:50:38.396059Z | 2026-07-02T12:46:49.599506Z |
| pysec-2026-528 |
9.9 (3.1)
9.4 (4.0)
|
### Summary A SQL injection vulnerability in the Oracle path of `FilterEngine.create_sql… | rucio | 2026-06-29T11:50:50.519440Z | 2026-07-02T12:46:49.461769Z |
| pysec-2026-527 |
9.9 (3.1)
9.0 (4.0)
|
### Summary A SQL injection vulnerability in `FilterEngine.create_postgres_query` allows… | rucio | 2026-06-29T11:50:49.082878Z | 2026-07-02T12:46:49.308804Z |
| pysec-2026-510 |
9.8 (3.1)
|
### Impact A maliciously crafted QPY file can potentially execute arbitrary-code embedde… | qiskit | 2026-06-29T11:50:34.769394Z | 2026-07-02T12:46:47.918376Z |
| pysec-2026-461 |
9.6 (3.1)
|
The `execute_command` function and workflow shell execution are exposed to user-controlle… | praisonai | 2026-06-29T11:50:47.321761Z | 2026-07-02T12:46:43.492217Z |
| pysec-2026-440 |
9.1 (3.1)
|
In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 di… | os-vif | 2026-06-29T11:50:32.870631Z | 2026-07-02T12:46:41.101315Z |
| pysec-2026-433 |
9.1 (3.1)
|
Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allow… | octavia | 2026-06-29T11:50:32.761316Z | 2026-07-02T12:46:40.385416Z |
| pysec-2026-431 |
9.1 (3.1)
|
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows re… | neutron | 2026-06-29T11:50:32.602905Z | 2026-07-02T12:46:40.013240Z |
| pysec-2026-373 |
9.3 (3.1)
|
## Summary A serialization injection vulnerability exists in LangChain's `dumps()` and `… | langchain-core | 2026-06-29T11:50:38.732432Z | 2026-07-02T12:46:34.720444Z |
| pysec-2026-361 |
9.2 (4.0)
|
### Summary The `ExceededSizeError` exception messages are embedded with non-decoded JWT … | joserfc | 2026-06-29T11:50:36.396676Z | 2026-07-02T12:46:33.470203Z |
| pysec-2026-360 |
9.1 (3.1)
|
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 … | ipsilon | 2026-06-29T11:50:32.271750Z | 2026-07-02T12:46:33.387299Z |
| pysec-2026-344 |
9.3 (4.0)
|
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit… | google-adk | 2026-06-29T11:50:47.550836Z | 2026-07-02T12:46:31.941760Z |
| pysec-2026-316 |
9.8 (3.1)
|
### Summary utils.get_shared_secret() always returns -1 - allows anyone to connect to co… | cobbler | 2026-06-29T11:50:40.621509Z | 2026-07-02T12:46:28.475482Z |
| pysec-2026-312 |
9.8 (3.1)
|
Specific vulnerabilities: * Arbitrary file write in `resource_create` and `package_updat… | ckan | 2026-06-29T11:50:42.696551Z | 2026-07-02T12:46:28.203386Z |
| pysec-2026-290 |
9.8 (3.1)
|
Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary… | backend-ai | 2026-06-29T11:50:38.333670Z | 2026-07-02T12:46:26.496828Z |
| pysec-2026-284 |
9.9 (3.1)
|
### Impact When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Da… | aries-cloudagent | 2026-06-29T11:50:41.397353Z | 2026-07-02T12:46:25.890941Z |
| pysec-2026-265 |
9.1 (3.1)
|
## 1. Summary The Binary Stream Capture (BSC) component exposes an unauthenticated HTTP … | ait-core | 2026-06-29T11:50:52.843259Z | 2026-07-02T12:46:24.494788Z |
| pysec-2026-508 |
9.8 (3.1)
9.3 (4.0)
|
# Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions **Published:… | pytorch-lightning | 2026-06-29T11:50:50.913630Z | 2026-07-02T12:33:00Z |
| pysec-2026-432 |
9.8 (3.1)
|
An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14… | nova | 2026-06-29T11:50:32.179235Z | 2026-07-02T12:33:00Z |
| pysec-2009-13 |
|
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to… | moin | 2009-04-03T18:30:00Z | 2026-07-02T12:33:00Z |
| pysec-2007-4 |
|
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrar… | plone | 2007-11-07T21:46:00Z | 2026-07-02T12:33:00Z |
| pysec-2026-603 |
8.1 (3.1)
|
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token… | keystone | 2026-05-28T19:16:38.223Z | 2026-07-02T12:26:33.242409Z |
| pysec-2026-602 |
8.0 (3.1)
|
An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not… | keystone | 2026-05-01T09:16:17.273Z | 2026-07-02T12:26:33.147876Z |