Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54283 |
|
Vulnerability in starlette (CVE-2026-54283)
vulnerability in starlette (CVE-2026-54283). Risk of unauthorized operations or information disclosure. Exploitable via ``max_fields``. Mitigation: upgrade to `1.3.1` or later.
|
| CVE-2026-54282 |
|
Vulnerability in Starlette (CVE-2026-54282)
vulnerability in Starlette (CVE-2026-54282). Risk of unauthorized operations or information disclosure. Exploitable via ``request.url``. Mitigation: upgrade to `1.3.0` or later.
|
| CVE-2026-48818 |
|
SSRF (Server-Side Request Forgery) in starlette (CVE-2026-48818)
SSRF in starlette (CVE-2026-48818). Confidential information can be exposed externally. Exploitable via ``StaticFiles``. Mitigation: upgrade to `1.1.0` or later.
|
| CVE-2026-48817 |
|
Vulnerability in starlette (CVE-2026-48817)
vulnerability in starlette (CVE-2026-48817). Risk of unauthorized operations or information disclosure. Exploitable via ``HTTPEndpoint``. Mitigation: upgrade to `1.1.0` or later.
|
| CVE-2026-48710 |
|
Vulnerability in starlette (CVE-2026-48710)
vulnerability in starlette (CVE-2026-48710). Risk of unauthorized operations or information disclosure. Exploitable via `GET /foo`. Mitigation: upgrade to `1.0.1` or later.
|
| CVE-2021-41945 |
|
Vulnerability in encode (CVE-2021-41945)
vulnerability in encode (CVE-2021-41945). Confidential information can be exposed externally. Exploitable via ``httpx.URL``.
|