Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-218 |
7.8 (3.1)
|
Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vu… | transformers | 2025-12-23T21:15:48.367Z | 2026-05-20T15:59:27.401437Z |
| pysec-2025-217 |
7.8 (3.1)
|
Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data … | transformers | 2025-12-23T21:15:48.240Z | 2026-05-20T15:59:27.254189Z |
| pysec-2025-216 |
7.8 (3.1)
|
Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vuln… | transformers | 2025-12-23T21:15:48.110Z | 2026-05-20T15:59:27.180970Z |
| pysec-2025-215 |
7.8 (3.1)
|
Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulne… | transformers | 2025-12-23T21:15:47.987Z | 2026-05-20T15:59:27.106790Z |
| pysec-2025-214 |
7.8 (3.1)
|
Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnera… | transformers | 2025-12-23T21:15:47.857Z | 2026-05-20T15:59:27.032530Z |
| pysec-2025-213 |
7.8 (3.1)
|
Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Exe… | transformers | 2025-12-23T21:15:47.600Z | 2026-05-20T15:59:26.961327Z |
| pysec-2025-212 |
7.8 (3.1)
|
Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote C… | transformers | 2025-12-23T21:15:47.340Z | 2026-05-20T15:59:26.889615Z |
| pysec-2025-211 |
7.8 (3.1)
|
Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code E… | transformers | 2025-12-23T21:15:47.183Z | 2026-05-20T15:59:26.816274Z |
| pysec-2026-115 |
6.1 (3.1)
|
OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting (XSS) attack via the /gra… | pycti | 2026-01-30T23:16:10.257Z | 2026-05-20T14:41:05.643690Z |
| pysec-2026-114 |
7.5 (3.1)
|
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. … | pycti | 2026-01-30T23:16:09.750Z | 2026-05-20T14:41:05.469103Z |
| pysec-2026-160 |
7.5 (3.1)
|
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Pr… | twisted | 2026-05-13T21:16:46.933Z | 2026-05-20T12:35:31.546681Z |
| pysec-2026-159 |
9.6 (3.1)
|
BentoML is a Python library for building online serving systems optimized for AI apps and… | bentoml | 2026-04-06T18:16:41.990Z | 2026-05-20T12:35:10.976510Z |
| pysec-2026-158 |
7.8 (3.1)
|
BentoML is a Python library for building online serving systems optimized for AI apps and… | bentoml | 2026-04-06T18:16:41.823Z | 2026-05-20T12:35:10.914984Z |
| pysec-2026-157 |
7.8 (3.1)
|
BentoML is a Python library for building online serving systems optimized for AI apps and… | bentoml | 2026-03-27T01:16:21.007Z | 2026-05-20T12:35:10.857901Z |
| pysec-2025-235 |
6.5 (3.1)
|
XGrammar is an open-source library for efficient, flexible, and portable structured gener… | xgrammar | 2025-04-09T16:15:26.210Z | 2026-05-20T09:19:24.371536Z |
| pysec-2023-321 |
5.7 (3.1)
|
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and fire… | wireguard | 2023-08-09T23:15:10.007Z | 2026-05-20T09:19:24.310411Z |
| pysec-2025-234 |
6.1 (3.1)
|
A vulnerability, which was classified as problematic, has been found in Huashengdun WebSS… | webssh | 2025-07-20T12:15:24.903Z | 2026-05-20T09:19:24.190413Z |
| pysec-2026-156 |
4.1 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.17, the webhook add-on d… | weblate | 2026-04-15T19:16:36.373Z | 2026-05-20T09:19:24.075975Z |
| pysec-2026-155 |
8.8 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.17, the user patching AP… | weblate | 2026-04-15T19:16:36.070Z | 2026-05-20T09:19:24.017900Z |
| pysec-2026-154 |
8.0 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.17, the project backup d… | weblate | 2026-04-15T19:16:35.277Z | 2026-05-20T09:19:23.960405Z |
| pysec-2026-153 |
6.8 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.17, the translation memo… | weblate | 2026-04-15T19:16:35.130Z | 2026-05-20T09:19:23.903253Z |
| pysec-2026-152 |
4.3 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.17, the translation memo… | weblate | 2026-04-15T18:17:20.053Z | 2026-05-20T09:19:23.846352Z |
| pysec-2025-233 |
4.3 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.15, it was possible to r… | weblate | 2025-12-16T01:15:52.057Z | 2026-05-20T09:19:23.790971Z |
| pysec-2025-232 |
5.3 (3.1)
|
Weblate is a web based localization tool. In versions prior to 5.15, it was possible to t… | weblate | 2025-12-16T01:15:51.907Z | 2026-05-20T09:19:23.734186Z |
| pysec-2025-231 |
5.0 (3.1)
|
Weblate is a web based localization tool. The Create Component functionality in Weblate a… | weblate | 2025-12-16T00:16:02.357Z | 2026-05-20T09:19:23.676060Z |
| pysec-2025-230 |
3.5 (3.1)
|
Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the … | weblate | 2025-11-06T21:15:43.957Z | 2026-05-20T09:19:23.616964Z |
| pysec-2026-151 |
5.0 (3.1)
|
Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound a… | wasmtime | 2026-04-09T19:16:24.850Z | 2026-05-20T09:19:23.560564Z |
| pysec-2024-311 |
2.9 (3.1)
|
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderi… | wasmtime | 2024-10-09T18:15:09.120Z | 2026-05-20T09:19:23.498699Z |
| pysec-2024-312 |
5.5 (3.1)
|
Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssem… | wasmtime-bin | 2024-10-09T18:15:08.863Z | 2026-05-20T09:19:23.363572Z |
| pysec-2026-150 |
5.3 (3.1)
|
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.… | wagtail | 2026-05-11T16:17:35.850Z | 2026-05-20T09:19:23.243050Z |