Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-python-2026-7774 | tarfile.data_filter path traversal bypass allows writing outside the extraction directory | 2026-06-08T08:13:38.414Z | 2026-06-08T08:30:38.789Z |
| bit-libpython-2026-7774 | tarfile.data_filter path traversal bypass allows writing outside the extraction directory | 2026-06-08T08:09:23.366Z | 2026-06-08T08:30:38.789Z |
| bit-django-2026-8404 | Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware | 2026-06-06T08:39:25.918Z | 2026-06-06T09:05:43.229Z |
| bit-django-2026-7666 | Potential unencrypted email transmission via STARTTLS in the SMTP backend | 2026-06-06T08:39:24.753Z | 2026-06-06T09:05:43.229Z |
| bit-django-2026-6873 | Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie | 2026-06-06T08:39:22.320Z | 2026-06-06T09:05:43.229Z |
| bit-django-2026-48587 | Potential exposure of private data via whitespace padding in Vary header | 2026-06-06T08:39:19.876Z | 2026-06-06T09:05:43.229Z |
| bit-django-2026-35193 | Potential exposure of private data via missing Vary: Authorization in UpdateCacheMiddleware | 2026-06-06T08:39:15.077Z | 2026-06-06T09:05:43.229Z |
| bit-gdal-2026-49014 | 2026-06-05T08:44:46.134Z | 2026-06-05T18:03:32.375Z | |
| bit-python-2026-3276 | Potential DoS via quadratic complexity in unicodedata.normalize() | 2026-06-05T13:04:10.450Z | 2026-06-05T13:22:57.787Z |
| bit-libpython-2026-3276 | Potential DoS via quadratic complexity in unicodedata.normalize() | 2026-06-05T12:56:59.092Z | 2026-06-05T13:22:57.787Z |
| bit-python-2026-8328 | FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address | 2026-06-05T10:55:23.655Z | 2026-06-05T11:13:32.755Z |
| bit-python-2026-7210 | The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection | 2026-06-05T10:55:22.351Z | 2026-06-05T11:13:32.755Z |
| bit-libpython-2026-8328 | FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address | 2026-06-05T10:47:52.629Z | 2026-06-05T11:13:32.755Z |
| bit-libpython-2026-7210 | The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection | 2026-06-05T10:47:50.406Z | 2026-06-05T11:13:32.755Z |
| bit-python-2026-3087 | shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs | 2026-04-29T11:50:21.474Z | 2026-06-05T09:11:00.149Z |
| bit-python-2026-1502 | HTTP client proxy tunnel headers not validated for CR/LF | 2026-04-16T23:50:28.207Z | 2026-06-05T09:11:00.149Z |
| bit-mlflow-2026-4035 | Environment Variable Resolution Vulnerability in mlflow/mlflow | 2026-06-05T08:52:23.138Z | 2026-06-05T09:11:00.149Z |
| bit-mlflow-2026-2651 | Missing Authorization Validation in mlflow/mlflow | 2026-06-05T08:52:14.527Z | 2026-06-05T09:11:00.149Z |
| bit-mlflow-2026-10803 | MLflow Dataset Digest Computation digest_utils.py mlflow.data.digest_utils weak hash | 2026-06-05T08:52:09.342Z | 2026-06-05T09:11:00.149Z |
| bit-libpython-2026-3087 | shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs | 2026-04-29T11:42:50.850Z | 2026-06-05T09:11:00.149Z |
| bit-libpython-2026-1502 | HTTP client proxy tunnel headers not validated for CR/LF | 2026-04-16T23:43:06.028Z | 2026-06-05T09:11:00.149Z |
| bit-golang-2026-27145 | Inefficient candidate hostname parsing in crypto/x509 | 2026-06-05T05:44:57.398Z | 2026-06-05T09:11:00.149Z |
| bit-appsmith-2026-7299 | CVE-2026-7299 | 2026-06-05T08:42:17.288Z | 2026-06-05T09:11:00.149Z |
| bit-sqlite-2025-3277 | 2025-04-16T07:42:43.650Z | 2026-06-05T06:08:58.631Z | |
| bit-sqlite-2025-29087 | 2025-04-11T19:26:41.394Z | 2026-06-05T06:08:58.631Z | |
| bit-solr-2026-44825 | Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users | 2026-06-05T05:53:30.550Z | 2026-06-05T06:08:58.631Z |
| bit-mlflow-2026-4137 | Incomplete Fix for CVE-2025-10279: Insecure Temporary Directory Permissions in mlflow/mlflow | 2026-06-05T05:49:11.238Z | 2026-06-05T06:08:58.631Z |
| bit-mlflow-2026-3198 | Improper Access Control in mlflow/mlflow | 2026-06-05T05:49:06.558Z | 2026-06-05T06:08:58.631Z |
| bit-mlflow-2026-2734 | Authorization Bypass in SearchModelVersions in mlflow/mlflow | 2026-06-05T05:49:04.930Z | 2026-06-05T06:08:58.631Z |
| bit-mariadb-2026-35549 | 2026-06-05T05:48:16.659Z | 2026-06-05T06:08:58.631Z |