Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
M
Prototype Pollution
docarray
[0,]
pip
26 May 2025
L
Use of Less Trusted Source
fastapi-guard
[,2.0.0)
pip
26 May 2025
M
Arbitrary Code Injection
factool
[0,]
pip
22 May 2025
C
Deserialization of Untrusted Data
vllm
[0.6.5,0.8.5)
pip
21 May 2025
M
Insufficient Control Flow Management
vyper
[0,]
pip
20 May 2025
M
Regular Expression Denial of Service (ReDoS)
transformers
[,4.50.0)
pip
20 May 2025
M
Insufficient Control Flow Management
vyper
[0.3.8,]
pip
19 May 2025
H
Cross-site Scripting (XSS)
label-studio
[,1.18.0)
pip
19 May 2025
M
Server-side Request Forgery (SSRF)
crawl4ai
[0,]
pip
19 May 2025
M
Open Redirect
flask-appbuilder
[,4.6.2)
pip
18 May 2025
H
Allocation of Resources Without Limits or Throttling
tornado
[,6.5)
pip
16 May 2025
L
Function Call With Incorrect Order of Arguments
flask
[3.1.0,3.1.1)
pip
14 May 2025
M
Incorrect Default Permissions
apache-superset
[,4.1.2)
pip
14 May 2025
L
Arbitrary Command Injection
aworld
[0,]
pip
14 May 2025
M
Use of Non-Canonical URL Paths for Authorization Decisions
browser-use
[,0.1.45)
pip
14 May 2025
H
Incorrect Resource Transfer Between Spheres
youtube_dl
[2015.01.25,]
pip
14 May 2025
H
Uncontrolled Recursion
llama-index-readers-web
[,0.3.6)
pip
13 May 2025
H
Deserialization of Untrusted Data
vllm
[0.5.2,]
pip
11 May 2025
L
Cross-site Scripting (XSS)
mezzanine
[0.12,]
pip
9 May 2025
M
Allocation of Resources Without Limits or Throttling
django
[4.2,4.2.21)
[5.0a1,5.1.9)
[5.2a1,5.2.1)
pip
8 May 2025
C
Arbitrary Code Injection
pycel
[0,]
pip
8 May 2025
M
User Impersonation
octoprint
[,1.11.0)
pip
7 May 2025
H
Inefficient Algorithmic Complexity
vllm
[0.8.0,0.8.5)
pip
7 May 2025
C
Deserialization of Untrusted Data
vllm
[0.6.5,0.8.5)
pip
7 May 2025
M
Binding to an Unrestricted IP Address
vllm
[0.5.2,0.8.5)
pip
7 May 2025
L
Use of GET Request Method With Sensitive Query Strings
weblate
[0,5.11)
pip
5 May 2025
M
Directory Traversal
setuptools
[,78.1.1)
pip
2 May 2025
M
HTTP Request Smuggling
gevent
[,25.4.1)
pip
2 May 2025
M
Regular Expression Denial of Service (ReDoS)
transformers
[,4.50.0)
pip
30 Apr 2025
M
Allocation of Resources Without Limits or Throttling
markdownify
[,0.14.1)
pip
27 Apr 2025
