An open index of Dependabot pull requests across open source projects.

Security Advisories

Browse security advisories and track which Dependabot PRs address them.

Total Advisories: 24,688
With Dependabot PRs: 1,764
Critical Severity: 3,495
High Severity: 8,585

joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads
GHSA-frfh-8v73-gjg4 CVE-2025-65015 CRITICAL about 3 hours ago
### Summary The `ExceededSizeError` exception messages are embedded with non-decoded JWT token parts and may cause Python logging to record an arbi...
pypi
No PRs yet
OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.
GHSA-hcqg-5g63-7j9h CVE-2025-65073 HIGH 1 day ago
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone ...
pypi
No PRs yet
AstrBot is vulnerable to RCE with hard-coded JWT signing keys
GHSA-4m32-cjv7-f425 CVE-2025-55449 CRITICAL 4 days ago
### Summary AstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin. ### Deta...
pypi
No PRs yet
AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance
GHSA-4jvf-wx3f-2x8q CVE-2025-12967 HIGH 5 days ago
### Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. ...
pypi
No PRs yet
pgAdmin is affected by an LDAP injection vulnerability
GHSA-cvf4-f829-762v CVE-2025-12764 HIGH 5 days ago
pgAdmin <= 9.9 is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP charac...
pypi
No PRs yet
pgAdmin has vulnerability in LDAP authentication mechanism that allows bypassing TLS certificate verification
GHSA-g4r8-3qmh-pmch CVE-2025-12765 HIGH 5 days ago
pgAdmin <= 9.9 is affected by a vulnerability in the LDAP authentication mechanism that allows bypassing TLS certificate verification.
pypi
No PRs yet
pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode
GHSA-w2p4-p4rh-qcm3 CVE-2025-12762 CRITICAL 5 days ago
pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing resto...
pypi
No PRs yet
pgAdmin 4 has command injection vulnerability on Windows systems
GHSA-rm79-x4g6-hvg5 CVE-2025-12763 MODERATE 5 days ago
pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True du...
pypi
No PRs yet
Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU)
GHSA-rrx3-2x4g-mq2h CVE-2025-64509 HIGH 6 days ago
### Impact In affected versions, a specially crafted Brotli-compressed envelope can cause Bugsink to spend excessive CPU time in decompression, le...
pypi
No PRs yet
Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input
GHSA-fc2v-vcwj-269v CVE-2025-64508 HIGH 6 days ago
### Impact In affected versions, brotli "bombs" (highly compressed brotli streams, such as many zeros) can be sent to the server. Since the server...
pypi
No PRs yet
changedetection.io: Stored XSS in Watch update via API
GHSA-4c3j-3h7v-22q9 CVE-2025-62780 LOW 6 days ago
### Summary A Stored Cross Site Scripting is present in the changedetection.io Watch update API due to insufficient security checks. ### Details ...
pypi
No PRs yet
Insecure Deserialization (pickle) in pdfminer.six CMap Loader — Local Privesc
GHSA-f83h-ghpp-7wcc HIGH 11 days ago
### 🚀 Overview This report **demonstrates a real-world privilege escalation** vulnerability in [pdfminer.six](https://github.com/pdfminer/pdfminer...
pypi
No PRs yet
Arbitrary Code Execution in pdfminer.six via Crafted PDF Input
GHSA-wf5f-4jwr-ppcp CVE-2025-64512 HIGH 11 days ago
### Summary pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The `CMapDB._load_data()`...
pypi
1 Dependabot PR
AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64
GHSA-vm2f-46xc-5jc3 CVE-2025-57697 MODERATE 11 days ago
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Since the _encode_image_bs64 function defined in e...
pypi
No PRs yet
AstrBot contains a directory traversal vulnerability
GHSA-xrj9-mw57-j34v CVE-2025-57698 HIGH 11 days ago
AstrBot Project v3.5.22 contains a directory traversal vulnerability. The handler function install_plugin_upload of the interface '/plugin/install-...
pypi
No PRs yet
Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events
GHSA-cm35-v4vp-5xvx CVE-2025-64496 HIGH 11 days ago
### Summary Open WebUI v0.6.33 and below contains a code injection vulnerability in the Direct Connections feature that allows malicious external m...
npm pypi
No PRs yet
Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE
GHSA-w7xj-8fx7-wfch CVE-2025-64495 HIGH 11 days ago
### Summary The functionality that inserts custom prompts into the chat window is vulnerable to DOM XSS when 'Insert Prompt as Rich Text' is enabl...
npm pypi
No PRs yet
Open redirect endpoint in Datasette
GHSA-w832-gg5g-x44m CVE-2025-64481 LOW 12 days ago
### Impact Deployed instances of Datasette prior to `0.65.2` and `1.0a21` include an open redirect vulnerability. Hits to the path `//example.com...
pypi
No PRs yet
LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer
GHSA-wwqv-p2pp-99h5 CVE-2025-64439 HIGH 13 days ago
# Summary Prior to `langgraph-checkpoint` version `3.0` , LangGraph’s `JsonPlusSerializer` (used as the default serialization protocol for all che...
pypi
No PRs yet
Weblate leaks the IP of project member inviting user to be reviewer in Audit log
GHSA-gr35-vpx2-qxhc CVE-2025-64326 LOW 13 days ago
### Summary Weblate leaks the IP address of the project member inviting the user to the project in the audit log. ### Details The audit log includ...
pypi
No PRs yet
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects.
GHSA-frmv-pr5f-9mcr CVE-2025-64459 CRITICAL 13 days ago
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `...
pypi
47 Dependabot PRs
Django has a denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows
GHSA-qw25-v68c-qjf3 CVE-2025-64458 HIGH 13 days ago
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a conseq...
pypi
47 Dependabot PRs
Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode
GHSA-m35w-xx8c-6xc7 CVE-2025-58337 MODERATE 13 days ago
An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that...
pypi
No PRs yet
OctoPrint vulnerable to XSS in Action Commands Notification and Prompt
GHSA-crvm-xjhm-9h29 CVE-2025-64187 MODERATE 14 days ago
### Impact OctoPrint versions up to and including 1.11.3 are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript in...
pypi
No PRs yet
Dosage vulnerable to a Directory Traversal through crafted HTTP responses
GHSA-4vcx-3pj3-44m7 CVE-2025-64184 HIGH 14 days ago
### Impact When downloading comic images, Dosage constructs target file names from different aspects of the remote comic (page URL, image URL, ...
pypi
No PRs yet
DSPy does not properly restrict file reads
GHSA-vvw2-h478-xwr3 CVE-2025-12695 MODERATE 14 days ago
The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes ...
pypi
No PRs yet
motionEye vulnerable to RCE via unsanitized motion config parameter
GHSA-j945-qm58-4gjx CVE-2025-60787 HIGH 15 days ago
## Summary A command injection vulnerability in MotionEye allows attackers to achieve Remote Code Execution (RCE) by supplying malicious values in ...
pypi
No PRs yet
Agno session state overwrites between different sessions/users
GHSA-vw84-hprm-cxmm CVE-2025-64168 HIGH 18 days ago
### Impact Under certain conditions (under high concurrency), when `session_state` is passed to an Agent or Team during run or arun calls, a race c...
pypi
No PRs yet
Ansible does not collect garbage after playbook run
GHSA-f556-49jc-4rvc CVE-2020-25635 MODERATE 18 days ago
A flaw was found in Ansible Base when using the aws_ssm connection plugin, because garbage collection does not happen after the playbook run is compl...
pypi
No PRs yet
cryptidy allows code execution via untrusted data due to pickle.loads
GHSA-97w9-v595-3h5q CVE-2025-63675 MODERATE 19 days ago
cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aes_decrypt_message in symmetric_encry...
pypi
No PRs yet
Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation
GHSA-2qfp-q593-8484 CVE-2025-6176 HIGH 19 days ago
Scrapy versions up to 2.13.3 are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The prote...
pypi
3 Dependabot PRs
Keras keras.utils.get_file API is vulnerable to a path traversal attack
GHSA-28jp-44vh-q42h CVE-2025-12060 HIGH 19 days ago
The keras.utils.get_file API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utili...
pypi
No PRs yet
Byaidu PDFMathTranslate vulnerable to open redirect
GHSA-pfrv-63w8-q7rq CVE-2025-50736 LOW 19 days ago
An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect ...
pypi
No PRs yet
Apache Airflow's create action can upsert existing Pools/Connections/Variables
GHSA-gp5f-cx7h-8q6f CVE-2025-62503 MODERATE 19 days ago
User with CREATE and no UPDATE privilege for Pools, Connections, Variables could update existing records via bulk create API with overwrite action.
pypi
No PRs yet
Apache Airflow `/api/v2/dagReports` executes DAG Python in API
GHSA-273c-4g26-4jpm CVE-2025-62402 MODERATE 19 days ago
API users via `/api/v2/dagReports` could perform Dag code execution in the context of the api-server if the api-server was deployed in the environm...
pypi
No PRs yet
Apache Airflow has a command injection vulnerability in "example_dag_decorator"
GHSA-v3c9-j6h9-66v4 CVE-2025-54941 MODERATE 19 days ago
An example dag `example_dag_decorator` had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execu...
pypi
No PRs yet
LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore
GHSA-7p73-8jqx-23r8 CVE-2025-64104 HIGH 20 days ago
### Summary LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper paramet...
pypi
No PRs yet
OpenUSD File Parsing Use-After-Free Remote Code Execution Vulnerability
GHSA-grjp-54v3-c442 MODERATE 20 days ago
# Patch This is fixed with [commit b953092](https://github.com/PixarAnimationStudios/OpenUSD/commit/b9530922b6a8ea72cd43661226b693fff8abbe4c), with...
pypi
No PRs yet
uv allows ZIP payload obfuscation through parsing differentials
GHSA-pqhf-p39g-3x64 MODERATE 20 days ago
### Impact In versions 0.9.5 and earlier of uv, ZIP archives were handled in a manner that enabled two parsing differentials against other compone...
pypi
1 Dependabot PR
CKAN vulnerable to fixed session IDs
GHSA-2hvh-cw5c-8q8q CVE-2025-64100 MODERATE 20 days ago
### Impact Session ids could be fixed by an attacker if the site is configured with server-side session storage (CKAN uses cookie-based session st...
pypi
No PRs yet
MLflow Weak Password Requirements Authentication Bypass Vulnerability
GHSA-6xj8-rrqx-r4cv CVE-2025-11200 HIGH 20 days ago
MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affec...
pypi
No PRs yet
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability
GHSA-5cvj-7rg6-jggj CVE-2025-11201 HIGH 20 days ago
MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execut...
pypi
No PRs yet
FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name
GHSA-rj5c-58rq-j5g5 CVE-2025-62801 MODERATE 20 days ago
### Summary A command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on ...
pypi
No PRs yet
FastMCP vulnerable to reflected XSS in client's callback page
GHSA-mxxr-jv3v-6pgc CVE-2025-62800 MODERATE 20 days ago
### Summary While setting up an oauth client, it was noticed that the callback page hosted by the client during the flow embeds user-controlled con...
pypi
No PRs yet
FastMCP Auth Integration Allows for Confused Deputy Account Takeover
GHSA-c2jp-c369-7pvx HIGH 20 days ago
### Summary FastMCP documentation [covers the scenario](https://gofastmcp.com/integrations/azure) where it is possible to use Entra ID or other pr...
pypi
No PRs yet
CKAN vulnerable to stored XSS in resource description
GHSA-2r4h-8jxv-w2j8 CVE-2025-54384 MODERATE 20 days ago
### Impact The `helpers.markdown_extract()` function did not perform sufficient sanitization of input data before wrapping in an HTML literal elem...
pypi
No PRs yet
Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery
GHSA-mq84-hjqx-cwf2 CVE-2025-12058 MODERATE 21 days ago
The Keras.Model.load_model method, including when executed with the intended security mitigation safe_mode=True, is vulnerable to arbitrary local f...
pypi
No PRs yet
Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``
GHSA-7f5h-v6xp-fcq8 CVE-2025-62727 HIGH 21 days ago
### Summary An unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's `FileResponse` ...
pypi
8 Dependabot PRs
BBOT's gitlab.py exposes globally configured "gitlab" API key
GHSA-p3v4-c93g-cmhw CVE-2025-10282 MODERATE 22 days ago
### Summary bbot's `gitlab.py` sends the user's "gitlab" API key to on-premise GitLab instances. If a user has configured a gitlab.com API key us...
pypi
No PRs yet
pg8000 SQL injection vulnerability via a specially crafted Python list input
GHSA-wq2g-r956-j8cc CVE-2025-61385 HIGH 22 days ago
SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list i...
pypi
No PRs yet