Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: python Clear
ID Title
CVE-2026-54591 Path Traversal in CVE-2026-54591 (CVE-2026-54591)
path traversal in CVE-2026-54591 (CVE-2026-54591). Data can be tampered with by attackers.
CVE-2026-54590 Path Traversal in CVE-2026-54590 (CVE-2026-54590)
path traversal in CVE-2026-54590 (CVE-2026-54590). Data can be tampered with by attackers.
CVE-2026-59935 Vulnerability in CVE-2026-59935 (CVE-2026-59935)
vulnerability in CVE-2026-59935 (CVE-2026-59935). Risk of unauthorized operations or information disclosure.
CVE-2026-59936 Vulnerability in CVE-2026-59936 (CVE-2026-59936)
vulnerability in CVE-2026-59936 (CVE-2026-59936). Risk of unauthorized operations or information disclosure.
CVE-2026-59821 Code Injection in CVE-2026-59821 (CVE-2026-59821)
code injection in CVE-2026-59821 (CVE-2026-59821). Risk of unauthorized operations or information disclosure.
CVE-2026-58501 SSRF (Server-Side Request Forgery) in CVE-2026-58501 (CVE-2026-58501)
SSRF in CVE-2026-58501 (CVE-2026-58501). Confidential information can be exposed externally.
CVE-2026-59937 Vulnerability in CVE-2026-59937 (CVE-2026-59937)
vulnerability in CVE-2026-59937 (CVE-2026-59937). Risk of unauthorized operations or information disclosure.
CVE-2026-59926 Cross-Site Scripting (XSS) in CVE-2026-59926 (CVE-2026-59926)
cross-site scripting in CVE-2026-59926 (CVE-2026-59926). Risk of unauthorized operations or information disclosure.
CVE-2026-59924 Path Traversal in CVE-2026-59924 (CVE-2026-59924)
path traversal in CVE-2026-59924 (CVE-2026-59924). Confidential information can be exposed externally.
CVE-2026-59929 Cross-Site Scripting (XSS) in CVE-2026-59929 (CVE-2026-59929)
cross-site scripting in CVE-2026-59929 (CVE-2026-59929). Risk of unauthorized operations or information disclosure.
CVE-2026-59927 Vulnerability in CVE-2026-59927 (CVE-2026-59927)
vulnerability in CVE-2026-59927 (CVE-2026-59927). Risk of unauthorized operations or information disclosure.
CVE-2026-59890 Vulnerability in CVE-2026-59890 (CVE-2026-59890)
vulnerability in CVE-2026-59890 (CVE-2026-59890). Confidential information can be exposed externally.
CVE-2026-59923 Cross-Site Scripting (XSS) in CVE-2026-59923 (CVE-2026-59923)
cross-site scripting in CVE-2026-59923 (CVE-2026-59923). Risk of unauthorized operations or information disclosure.
CVE-2026-15062 SQL Injection in sqli (CVE-2026-15062)
SQL injection in sqli (CVE-2026-15062). Confidential information can be exposed externally.
CVE-2026-53511 Code Injection in CVE-2026-53511 (CVE-2026-53511)
code injection in CVE-2026-53511 (CVE-2026-53511). Risk of unauthorized operations or information disclosure.
CVE-2026-55798 OS Command Injection in pillow (CVE-2026-55798)
OS command injection in pillow (CVE-2026-55798). Risk of unauthorized operations or information disclosure.
CVE-2026-14534 Vulnerability in c (CVE-2026-14534)
vulnerability in c (CVE-2026-14534). Successful exploitation can lead to full system takeover.
CVE-2025-71372 Unsafe Deserialization in CVE-2025-71372 (CVE-2025-71372)
vulnerability in CVE-2025-71372 (CVE-2025-71372). Confidential information can be exposed externally.
CVE-2026-56777 Vulnerability in n8n (CVE-2026-56777)
vulnerability in n8n (CVE-2026-56777). Risk of unauthorized operations or information disclosure.
CVE-2025-71374 Unsafe Deserialization in deserialization (CVE-2025-71374)
vulnerability in deserialization (CVE-2025-71374). Confidential information can be exposed externally.
CVE-2025-71352 Vulnerability in CVE-2025-71352 (CVE-2025-71352)
vulnerability in CVE-2025-71352 (CVE-2025-71352). Confidential information can be exposed externally.
CVE-2026-57204 Vulnerability in dos (CVE-2026-57204)
vulnerability in dos (CVE-2026-57204). Risk of unauthorized operations or information disclosure.
CVE-2026-57585 Use-After-Free in dos (CVE-2026-57585)
vulnerability in dos (CVE-2026-57585). Risk of unauthorized operations or information disclosure.
CVE-2026-58138 Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
CVE-2026-58116 Code Injection in hiyouga (CVE-2026-58116)
code injection in hiyouga (CVE-2026-58116). Successful exploitation can lead to full system takeover.
CVE-2026-12243 Path Traversal in path-traversal (CVE-2026-12243)
path traversal in path-traversal (CVE-2026-12243). Confidential information can be exposed externally. Exploitable via ``_UNSAFE_NO_PROTOCOL_RE``.
CVE-2026-13749 Code Injection in snowflake (CVE-2026-13749)
code injection in snowflake (CVE-2026-13749). Successful exploitation can lead to full system takeover.
CVE-2026-49869 OS Command Injection in kestra (CVE-2026-49869)
OS command injection in kestra (CVE-2026-49869). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.45` or later.
CVE-2026-29509 Path Traversal in path-traversal (CVE-2026-29509)
path traversal in path-traversal (CVE-2026-29509). Risk of unauthorized operations or information disclosure.
CVE-2025-71340 Unsafe Deserialization in CVE-2025-71340 (CVE-2025-71340)
vulnerability in CVE-2025-71340 (CVE-2025-71340). Confidential information can be exposed externally.
CVE-2026-57456 Code Injection in vim (CVE-2026-57456)
code injection in vim (CVE-2026-57456). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.2.0699` or later.
CVE-2026-33235 Vulnerability in dos (CVE-2026-33235)
vulnerability in dos (CVE-2026-33235). Risk of unauthorized operations or information disclosure.
CVE-2026-49851 Vulnerability in dos (CVE-2026-49851)
vulnerability in dos (CVE-2026-49851). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.0` or later.
CVE-2026-56121 Unsafe Deserialization in deserialization (CVE-2026-56121)
vulnerability in deserialization (CVE-2026-56121). Successful exploitation can lead to full system takeover.
CVE-2026-55488 Path Traversal in motioneye (CVE-2026-55488)
path traversal in motioneye (CVE-2026-55488). Risk of unauthorized operations or information disclosure. Exploitable via `GET /movie/`. Mitigation: upgrade to `0.44.0` or later.
CVE-2026-55448 OS Command Injection in mise (CVE-2026-55448)
OS command injection in mise (CVE-2026-55448). Confidential information can be exposed externally. Exploitable via ``mise``. Mitigation: upgrade to `2026.6.4` or later.
CVE-2026-55441 OS Command Injection in mise (CVE-2026-55441)
OS command injection in mise (CVE-2026-55441). Successful exploitation can lead to full system takeover. Exploitable via ``mise.toml``. Mitigation: upgrade to `2026.6.4` or later.
CVE-2026-54557 Path Traversal in mise (CVE-2026-54557)
path traversal in mise (CVE-2026-54557). Data can be tampered with by attackers. Exploitable via ``bin_path``. Mitigation: upgrade to `2026.6.1` or later.
CVE-2026-56315 Vulnerability in CVE-2026-56315 (CVE-2026-56315)
vulnerability in CVE-2026-56315 (CVE-2026-56315). Successful exploitation can lead to full system takeover.
CVE-2026-54651 Vulnerability in pypdf-project (CVE-2026-54651)
vulnerability in pypdf-project (CVE-2026-54651). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.13.1` or later.
CVE-2026-33646 Code Injection in mise (CVE-2026-33646)
code injection in mise (CVE-2026-33646). Successful exploitation can lead to full system takeover. Exploitable via ``tera_exec``. Mitigation: upgrade to `2026.3.10` or later.
CVE-2026-10561 Code Injection in langflow (CVE-2026-10561)
code injection in langflow (CVE-2026-10561). Successful exploitation can lead to full system takeover.
CVE-2026-54911 Vulnerability in ujson (CVE-2026-54911)
vulnerability in ujson (CVE-2026-54911). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.13.0` or later.
CVE-2026-23879 Vulnerability in py7zr (CVE-2026-23879)
vulnerability in py7zr (CVE-2026-23879). Successful exploitation can lead to full system takeover. Exploitable via ``py7zr``. Mitigation: upgrade to `1.1.3` or later.
CVE-2026-49290 Path Traversal in CVE-2026-49290 (CVE-2026-49290)
path traversal in CVE-2026-49290 (CVE-2026-49290). Risk of unauthorized operations or information disclosure. Exploitable via ``zipfile``.
CVE-2026-49257 Vulnerability in mcp-pinot-server (CVE-2026-49257)
vulnerability in mcp-pinot-server (CVE-2026-49257). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`. Mitigation: upgrade to `3.1.0` or later.
CVE-2026-38716 Command Injection in inhandnetworks (CVE-2026-38716)
command injection in inhandnetworks (CVE-2026-38716). Successful exploitation can lead to full system takeover.
CVE-2026-38714 Command Injection in inhandnetworks (CVE-2026-38714)
command injection in inhandnetworks (CVE-2026-38714). Successful exploitation can lead to full system takeover.
CVE-2026-48990 Vulnerability in joserfc (CVE-2026-48990)
vulnerability in joserfc (CVE-2026-48990). Risk of unauthorized operations or information disclosure. Exploitable via ``joserfc``. Mitigation: upgrade to `1.6.7` or later.
CVE-2026-12530 Vulnerability in Amazon bedrock-agentcore (CVE-2026-12530)
vulnerability in Amazon bedrock-agentcore (CVE-2026-12530). Confidential information can be exposed externally. Mitigation: upgrade to `1.6.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →