Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)
web2py[0,]pip2 Jun 2025
  • H
SQL Injection
apache-superset[,4.1.2)pip1 Jun 2025
  • M
Insecure Inherited Permissions
django-helpdesk[,1.0.0)pip1 Jun 2025
  • H
Arbitrary Code Injection
aim[0,]pip1 Jun 2025
  • H
Uncaught Exception
vllm[0.8.0,0.9.0)pip30 May 2025
  • M
Regular Expression Denial of Service (ReDoS)
vllm[0.6.4,0.9.0)pip30 May 2025
  • H
Command Injection
llama-index-cli[,0.4.1)pip30 May 2025
  • M
Origin Validation Error
gradio[0,]pip30 May 2025
  • M
Arbitrary File Upload
gradio[,5.31.0)pip30 May 2025
  • H
Uncaught Exception
vllm[0.8.0,0.9.0)pip29 May 2025
  • C
Deserialization of Untrusted Data
tensorrt-llm[,0.18.2)pip29 May 2025
  • H
Improper Certificate Validation
redshift-connector[2.0.872,2.1.7)pip29 May 2025
  • H
Transmission of Private Resources into a New Sphere ('Resource Leak')
django-select2[,8.2.4)[8.3.0,8.4.1)pip28 May 2025
  • M
Buffer Overflow
rockhopper[,0.2.0)pip28 May 2025
  • M
Prototype Pollution
docarray[0,]pip26 May 2025
  • L
Use of Less Trusted Source
fastapi-guard[,2.0.0)pip26 May 2025
  • M
Arbitrary Code Injection
factool[0,]pip22 May 2025
  • C
Deserialization of Untrusted Data
vllm[0.6.5,0.8.5)pip21 May 2025
  • M
Insufficient Control Flow Management
vyper[,0.4.2)pip20 May 2025
  • M
Regular Expression Denial of Service (ReDoS)
transformers[,4.50.0)pip20 May 2025
  • M
Insufficient Control Flow Management
vyper[0.3.8,0.4.2)pip19 May 2025
  • H
Cross-site Scripting (XSS)
label-studio[,1.18.0)pip19 May 2025
  • M
Server-side Request Forgery (SSRF)
crawl4ai[0,]pip19 May 2025
  • M
Open Redirect
flask-appbuilder[,4.6.2)pip18 May 2025
  • H
Allocation of Resources Without Limits or Throttling
tornado[,6.5)pip16 May 2025
  • L
Function Call With Incorrect Order of Arguments
flask[3.1.0,3.1.1)pip14 May 2025
  • M
Incorrect Default Permissions
apache-superset[,4.1.2)pip14 May 2025
  • L
Arbitrary Command Injection
aworld[0,]pip14 May 2025
  • M
Use of Non-Canonical URL Paths for Authorization Decisions
browser-use[,0.1.45)pip14 May 2025
  • H
Incorrect Resource Transfer Between Spheres
youtube_dl[2015.01.25,]pip14 May 2025