Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Regular Expression Denial of Service (ReDoS)
transformers[4.49.0,4.51.0)pip8 Jul 2025
  • M
Expected Behavior Violation
llama-index[,0.12.28)pip8 Jul 2025
  • M
Expected Behavior Violation
llama-index-readers-papers[,0.3.2)pip8 Jul 2025
  • H
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
llama-index[,0.12.29)pip8 Jul 2025
  • H
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
llama-index-readers-web[,0.3.9)pip8 Jul 2025
  • H
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
llama-index-readers-stripe-docs[,0.3.1)pip8 Jul 2025
  • H
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
llama-index-readers-papers[,0.3.2)pip8 Jul 2025
  • M
SQL Injection
litellm[1.48.18,]pip4 Jul 2025
  • M
Missing Authentication for Critical Function
xinference[0,]pip4 Jul 2025
  • M
Out-of-Bounds
pillow[2.5.0,3.1.2)pip3 Jul 2025
  • M
Authentication Bypass Using an Alternate Path or Channel
sentry[0,]pip2 Jul 2025
  • H
Heap-based Buffer Overflow
pillow[11.2.1,11.3.0)pip2 Jul 2025
  • M
Directory Traversal
dbgpt[0,]pip30 Jun 2025
  • C
Improper Verification of Cryptographic Signature
rfc3161-client[,1.0.3)pip27 Jun 2025
  • M
Buffer Overflow
matplotlib[,1.5.0)pip27 Jun 2025
  • M
Improper Neutralization of Special Elements Used in a Template Engine
pyspur[0,]pip26 Jun 2025
  • M
Deserialization of Untrusted Data
pypickle[,2.0.0)pip26 Jun 2025
  • M
Improper Authorization
pypickle[,2.0.0)pip26 Jun 2025
  • H
Improper Neutralization
octoprint[,1.11.2)pip26 Jun 2025
  • M
External Control of File Name or Path
octoprint[,1.11.2)pip26 Jun 2025
  • M
Directory Traversal
python-a2a[,0.5.6)pip25 Jun 2025
  • H
Improper Neutralization of Special Elements Used in a Template Engine
skyvern[,0.2.1)pip25 Jun 2025
  • C
Malicious Package
psslib[0,]pip25 Jun 2025
  • H
Server-side Request Forgery (SSRF)
langchain[,0.1.12)pip24 Jun 2025
  • H
Server-side Request Forgery (SSRF)
langchain-community[,0.0.28)pip24 Jun 2025
  • H
Cross-site Scripting (XSS)
changedetection.io[,0.50.4)pip24 Jun 2025
  • M
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
apache-airflow-providers-snowflake[,6.4.0)pip24 Jun 2025
  • M
Server-side Request Forgery (SSRF)
mlflow[,3.0.0)pip24 Jun 2025
  • C
Command Injection
motioneye[0.43.1b1,0.43.1b4)pip23 Jun 2025
  • M
Deserialization of Untrusted Data
inspiremusic[0,]pip23 Jun 2025