Security Deep Dive
autogen
Security posture and CVE patch evidence from tracked releases.
12 critical dependency CVEs affects python-v0.7.5.
Audit transitive dependencies; consider upgrading or pinning replacements.
— Signed
— SLSA
✓ SBOM
✓ Security policy
Weekly cadence · 10d median
Sporadic maintainer
Trust Signals — 4 of 9 Present
Evidence already collected from releases and repository metadata.
4/9
Present
Signed releases
Unknown
Latest release artifact signature
Latest release
—
SLSA provenance
Unknown
Attestation predicate level
Latest release
—
SBOM published
Present
GitHub SBOM API
Latest release
Last verified: 28d ago
SECURITY.md
Present
GitHub repository metadata
Repository policy
Checked: 18d ago
Release cadence: weekly
Present
10d median over recent releases
Release history
Latest release: 8mo ago
Maintainer sporadic
Present
Recent commit activity
Repository
Last commit: 1mo ago
Checksums (SHA256SUMS)
Not active yet
SHA256SUMS or equivalent
Release asset
Latest release: 8mo ago
GitHub Actions attestation
Not active yet
actions/attest-build-provenance
Workflow file
Latest release: 8mo ago
Signing assets
Not active yet
.sig, .crt, cosign.pub, or similar
Release asset
Latest release: 8mo ago
4.1/10
Security Score
5.9/10
Scorecard
Dependency Exposure
247 transitive dependency
CVEs found in the latest SBOM.
12 critical.
Security Score
A composite score aggregating Scorecard performance, CVE patch history, OpenSSF badge tier, and dependency vulnerability exposure. Score ≥ 7.0 is healthy; < 4.0 warrants attention.
epss
0.25 / 0.5
No EPSS data
freshness
0.94 / 1.0
49d stale
scorecard
2.36 / 4.0
Score 5.9/10
cve health
0.00 / 2.5
No open CVEs
patch speed
0.50 / 0.5
⚠ Estimated — no CVE patch history
kev exposure
1.50 / 1.5
No KEV exposure
supply chain risk
-1.50 / 10.0
Risk 100.0/100
Score breakdown
schema v2Vulnerability posture
vulnerability posture
0.0
25%
direct cves: clear
cve scan: available
Release responsiveness
release responsiveness
10.0
5%
patch speed days: no_history
Dependency exposure
dependency exposure
0.0
10%
supply chain risk: 100.0
transitive cves: 12c/82h
Provenance trust
provenance trust
5.9
40%
scorecard score: 5.9
openssf badge: none
Maintainer health
maintainer health
9.4
10%
activity freshness: 49d
Operational risk
operational risk
8.5
10%
kev exposure: clear
epss max: none
How is this calculated?
The six dimensions group the legacy score signals into weighted categories: direct vulnerability status, patch responsiveness, dependency exposure, provenance checks, maintainer activity, and exploitability risk. The flat component values above remain available for compatibility.
Supply Chain Risk
Risk 100.0/100
12
Transitive critical CVEs
0
KEV-transitive CVEs
37%
Dependency freshness
Scorecard
Scorecard 5.9/10OpenSSF Scorecard evaluates supply-chain security practices automatically. Score ≥ 6 is passing; ≥ 8 is excellent.
| Check | Score | Reason |
|---|---|---|
| CII-Best-Practices | 0 | no effort to earn an OpenSSF best practices badge detected |
| Security-Policy | 10 | security policy file detected |
| Code-Review | 6 | Found 16/24 approved changesets -- score normalized to 6 |
| Maintained | 3 | 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 |
| License | 10 | license file detected |
| Dangerous-Workflow | 10 | no dangerous workflow patterns detected |
| Token-Permissions | 0 | detected GitHub workflow tokens with excessive permissions |
| Binary-Artifacts | 10 | no binaries found in the repo |
| Branch-Protection | 5 | branch protection is not maximal on development and all release branches |
| Signed-Releases | -1 | no releases found |
| Fuzzing | 0 | project is not fuzzed |
| Packaging | 10 | packaging workflow detected |
| SAST | 10 | SAST tool is run on all commits |
| Pinned-Dependencies | 0 | dependency not pinned by hash detected -- score normalized to 0 |
OpenSSF Badge
OpenSSF none
Badge indicates adherence to open-source best practices.
Dependency Vulnerabilities
2334 dependencies scanned
View full dependency list →
Scanning the SBOM (Software Bill of Materials) of the latest release for known vulnerabilities in transitive dependencies.
Critical
12
High
82
Medium
115
Low
34
Unknown
4
Critical
12
High
82
Medium
115
Low
34
Unknown
4
| CVE | Severity | KEV | Dependency | Affected version | Cleared in release |
|---|---|---|---|---|---|
| CVE-2017-18342 | critical | — | pyyaml | — | — |
| CVE-2019-20477 | critical | — | pyyaml | — | — |
| CVE-2020-14343 | critical | — | pyyaml | — | — |
| CVE-2020-1747 | critical | — | pyyaml | — | — |
| CVE-2025-14009 | critical | — | nltk | 3.9.1 | — |
| CVE-2025-1793 | critical | — | llama-index | 0.12.14 | — |
| CVE-2025-32434 | critical | — | torch | 2.5.1 | — |
| CVE-2025-43859 | critical | — | h11 | 0.14.0 | — |
| CVE-2025-68664 | critical | — | langchain-core | 0.3.32 | — |
| CVE-2025-7783 | critical | — | form-data | 4.0.3 | — |
| CVE-2026-25592 | critical | — | semantic-kernel | 1.19.0 | — |
| CVE-2026-26030 | critical | — | semantic-kernel | 1.19.0 | — |
| CVE-2013-4251 | high | — | scipy | — | — |
| CVE-2015-5237 | high | — | protobuf | — | — |
| CVE-2015-5237 | high | — | Google.Protobuf | 0 | — |
| CVE-2022-1941 | high | — | protobuf | — | — |
| CVE-2023-36414 | high | — | Azure.Identity | 0 | — |
| CVE-2024-21907 | high | — | Newtonsoft.Json | 0 | — |
| CVE-2024-23334 | high | — | aiohttp | 3.7.4 | — |
| CVE-2024-30251 | high | — | aiohttp | 3.7.4 | — |
| CVE-2025-1753 | high | — | llama-index-cli | 0.4.0 | — |
| CVE-2025-30167 | high | — | jupyter-core | 5.7.2 | — |
| CVE-2025-4565 | high | — | protobuf | — | — |
| CVE-2025-47273 | high | — | setuptools | 75.8.0 | — |
| CVE-2025-47287 | high | — | tornado | 6.4.2 | — |
| CVE-2025-5302 | high | — | llama-index-core | 0.12.14 | — |
| CVE-2025-58754 | high | — | axios | 1.9.0 | — |
| CVE-2025-59343 | high | — | tar-fs | 3.0.9 | — |
| CVE-2025-6209 | high | — | llama-index-core | 0.12.14 | — |
| CVE-2025-62727 | high | — | starlette | 0.41.3 | — |
| CVE-2025-64439 | high | — | langgraph-checkpoint | 2.0.10 | — |
| CVE-2025-64512 | high | — | pdfminer-six | 20240706 | — |
| CVE-2025-64756 | high | — | glob | 10.4.5 | — |
| CVE-2025-65106 | high | — | langchain-core | 0.3.32 | — |
| CVE-2025-66416 | high | — | mcp | 1.12.1 | — |
| CVE-2025-66418 | high | — | urllib3 | 2.3.0 | — |
| CVE-2025-66471 | high | — | urllib3 | 2.3.0 | — |
| CVE-2025-67221 | high | — | orjson | 3.10.15 | — |
| CVE-2025-69223 | high | — | aiohttp | 3.7.4 | — |
| CVE-2025-6984 | high | — | langchain-community | 0.3.16 | — |
| CVE-2025-6985 | high | — | langchain-text-splitters | 0.3.5 | — |
| CVE-2025-70559 | high | — | pdfminer-six | 20240706 | — |
| CVE-2025-7338 | high | — | multer | 2.0.1 | — |
| CVE-2025-7647 | high | — | llama-index-core | 0.12.14 | — |
| CVE-2025-7707 | high | — | llama-index | 0.12.14 | — |
| CVE-2026-0846 | high | — | nltk | 3.9.1 | — |
| CVE-2026-0847 | high | — | nltk | 3.9.1 | — |
| CVE-2026-0994 | high | — | protobuf | — | — |
| CVE-2026-21226 | high | — | azure-core | 1.32.0 | — |
| CVE-2026-21441 | high | — | urllib3 | 2.3.0 | — |
| CVE-2026-22219 | high | — | chainlit | 2.0.603 | — |
| CVE-2026-23490 | high | — | pyasn1 | 0.6.1 | — |
| CVE-2026-2359 | high | — | multer | 2.0.1 | — |
| CVE-2026-24486 | high | — | python-multipart | 0.0.18 | — |
| CVE-2026-2473 | high | — | google-cloud-aiplatform | 1.79.0 | — |
| CVE-2026-25639 | high | — | axios | 1.9.0 | — |
| CVE-2026-25990 | high | — | pillow | 11.0.0 | — |
| CVE-2026-26007 | high | — | cryptography | 44.0.0 | — |
| CVE-2026-26996 | high | — | minimatch | 9.0.5 | — |
| CVE-2026-27903 | high | — | minimatch | 9.0.5 | — |
| CVE-2026-27904 | high | — | minimatch | 9.0.5 | — |
| CVE-2026-29063 | high | — | immutable | 3.7.6 | — |
| CVE-2026-29074 | high | — | svgo | 2.8.0 | — |
| CVE-2026-30922 | high | — | pyasn1 | 0.6.1 | — |
| CVE-2026-31958 | high | — | tornado | 6.4.2 | — |
| CVE-2026-32141 | high | — | flatted | 3.3.3 | — |
| CVE-2026-32597 | high | — | pyjwt | 2.10.1 | — |
| CVE-2026-3304 | high | — | multer | 2.0.1 | — |
| CVE-2026-33151 | high | — | socket.io-parser | 4.2.4 | — |
| CVE-2026-33228 | high | — | flatted | 3.3.3 | — |
| CVE-2026-33231 | high | — | nltk | 3.9.1 | — |
| CVE-2026-33236 | high | — | nltk | 3.9.1 | — |
| CVE-2026-33671 | high | — | picomatch | 2.3.1 | — |
| CVE-2026-34070 | high | — | langchain-core | 0.3.32 | — |
| CVE-2026-3520 | high | — | multer | 2.0.1 | — |
| CVE-2026-35536 | high | — | tornado | 6.4.2 | — |
| CVE-2026-40192 | high | — | pillow | 11.0.0 | — |
| CVE-2026-41066 | high | — | lxml | 5.3.0 | — |
| CVE-2026-42033 | high | — | axios | 1.9.0 | — |
| CVE-2026-42035 | high | — | axios | 1.9.0 | — |
| CVE-2026-42043 | high | — | axios | 1.9.0 | — |
| CVE-2026-42215 | high | — | gitpython | 3.1.44 | — |
| CVE-2026-42264 | high | — | axios | 1.9.0 | — |
| CVE-2026-42284 | high | — | gitpython | 3.1.44 | — |
| CVE-2026-42311 | high | — | pillow | 11.0.0 | — |
| CVE-2026-42561 | high | — | python-multipart | 0.0.18 | — |
| CVE-2026-44243 | high | — | gitpython | 3.1.44 | — |
| CVE-2026-44244 | high | — | gitpython | 3.1.44 | — |
| CVE-2026-44307 | high | — | mako | 1.3.8 | — |
| CVE-2026-4800 | high | — | lodash | 4.17.21 | — |
| CVE-2026-4867 | high | — | path-to-regexp | 0.1.12 | — |
| CVE-2026-6321 | high | — | fast-uri | 3.0.6 | — |
| CVE-2026-6322 | high | — | fast-uri | 3.0.6 | — |
| GHSA-5c6j-r48x-rmvq | high | — | serialize-javascript | 6.0.2 | — |
| CVE-2021-29510 | medium | — | pydantic | 3.0.0,>= 2.10.0 | — |
| CVE-2023-37276 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2023-47627 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2023-49081 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2023-49082 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2024-21319 | medium | — | System.IdentityModel.Tokens.Jwt | 0 | — |
| CVE-2024-23829 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2024-27306 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2024-29992 | medium | — | Azure.Identity | 0 | — |
| CVE-2024-32028 | medium | — | OpenTelemetry.Instrumentation.AspNetCore | 0 | — |
| CVE-2024-32028 | medium | — | OpenTelemetry.Instrumentation.Http | 0 | — |
| CVE-2024-35255 | medium | — | Azure.Identity | 0 | — |
| CVE-2024-35255 | medium | — | azure-identity | — | — |
| CVE-2024-3772 | medium | — | pydantic | 3.0.0,>= 2.10.0 | — |
| CVE-2024-47081 | medium | — | requests | 2.32.3 | — |
| CVE-2024-52304 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2025-11849 | medium | — | mammoth | 1.9.0 | — |
| CVE-2025-1194 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-13465 | medium | — | lodash | 4.17.21 | — |
| CVE-2025-15284 | medium | — | qs | 6.13.0 | — |
| CVE-2025-2099 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-27516 | medium | — | jinja2 | 3.1.5 | — |
| CVE-2025-3108 | medium | — | llama-index-core | 0.12.14 | — |
| CVE-2025-3263 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-3264 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-3730 | medium | — | torch | 2.5.1 | — |
| CVE-2025-3933 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-50181 | medium | — | urllib3 | 2.3.0 | — |
| CVE-2025-50182 | medium | — | urllib3 | 2.3.0 | — |
| CVE-2025-5197 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-54121 | medium | — | starlette | 0.41.3 | — |
| CVE-2025-5472 | medium | — | llama-index-core | 0.12.14 | — |
| CVE-2025-55197 | medium | — | pypdf | 5.2.0 | — |
| CVE-2025-56648 | medium | — | @parcel/reporter-dev-server | 2.8.3 | — |
| CVE-2025-6051 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-61765 | medium | — | python-socketio | 5.12.1 | — |
| CVE-2025-6208 | medium | — | llama-index-core | 0.12.14 | — |
| CVE-2025-6211 | medium | — | llama-index | 0.12.14 | — |
| CVE-2025-62707 | medium | — | pypdf | 5.2.0 | — |
| CVE-2025-62708 | medium | — | pypdf | 5.2.0 | — |
| CVE-2025-62718 | medium | — | axios | 1.9.0 | — |
| CVE-2025-64718 | medium | — | js-yaml | 3.14.1 | — |
| CVE-2025-66019 | medium | — | pypdf | 5.2.0 | — |
| CVE-2025-66034 | medium | — | fonttools | 4.55.7 | — |
| CVE-2025-66221 | medium | — | werkzeug | 3.1.3 | — |
| CVE-2025-6638 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-66400 | medium | — | mdast-util-to-hast | 13.2.0 | — |
| CVE-2025-68146 | medium | — | filelock | 3.17.0 | — |
| CVE-2025-68480 | medium | — | marshmallow | 3.26.0 | — |
| CVE-2025-6921 | medium | — | transformers | 4.48.1 | — |
| CVE-2025-69227 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2025-69228 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2025-69229 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2025-69872 | medium | — | diskcache | 5.6.3 | — |
| CVE-2025-69873 | medium | — | ajv | 6.12.6 | — |
| CVE-2025-71176 | medium | — | pytest | — | — |
| CVE-2025-8869 | medium | — | pip | 25.0 | — |
| CVE-2026-1839 | medium | — | transformers | 4.48.1 | — |
| CVE-2026-21860 | medium | — | werkzeug | 3.1.3 | — |
| CVE-2026-22701 | medium | — | filelock | 3.17.0 | — |
| CVE-2026-22815 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2026-24688 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-25645 | medium | — | requests | 2.32.3 | — |
| CVE-2026-27024 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-27025 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-27026 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-27199 | medium | — | werkzeug | 3.1.3 | — |
| CVE-2026-27794 | medium | — | langgraph-checkpoint | 2.0.10 | — |
| CVE-2026-27888 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-28277 | medium | — | langgraph | 0.2.68 | — |
| CVE-2026-28351 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-28684 | medium | — | python-dotenv | 1.0.1 | — |
| CVE-2026-28804 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-2950 | medium | — | lodash | 4.17.21 | — |
| CVE-2026-31808 | medium | — | file-type | 16.5.4 | — |
| CVE-2026-31826 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-3219 | medium | — | pip | 25.0 | — |
| CVE-2026-33123 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-33230 | medium | — | nltk | 3.9.1 | — |
| CVE-2026-33532 | medium | — | yaml | 2.8.0 | — |
| CVE-2026-33672 | medium | — | picomatch | 2.3.1 | — |
| CVE-2026-33682 | medium | — | streamlit | 1.41.1 | — |
| CVE-2026-33699 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-33750 | medium | — | brace-expansion | 2.0.2 | — |
| CVE-2026-34043 | medium | — | serialize-javascript | 6.0.2 | — |
| CVE-2026-34515 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2026-34516 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2026-34525 | medium | — | aiohttp | 3.7.4 | — |
| CVE-2026-40087 | medium | — | langchain-core | 0.3.32 | — |
| CVE-2026-40175 | medium | — | axios | 1.9.0 | — |
| CVE-2026-40260 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-40347 | medium | — | python-multipart | 0.0.18 | — |
| CVE-2026-41168 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-41182 | medium | — | langsmith | 0.3.2 | — |
| CVE-2026-41205 | medium | — | mako | 1.3.8 | — |
| CVE-2026-41305 | medium | — | postcss | 8.5.5 | — |
| CVE-2026-41312 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-41313 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-41314 | medium | — | pypdf | 5.2.0 | — |
| CVE-2026-41481 | medium | — | langchain-text-splitters | 0.3.5 | — |
| CVE-2026-42034 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42036 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42037 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42038 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42039 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42041 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42042 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42044 | medium | — | axios | 1.9.0 | — |
| CVE-2026-42308 | medium | — | pillow | 11.0.0 | — |
| CVE-2026-42310 | medium | — | pillow | 11.0.0 | — |
| CVE-2026-6357 | medium | — | pip | 25.0 | — |
| GHSA-78cv-mqj4-43f7 | medium | — | tornado | 6.4.2 | — |
| GHSA-pjjw-qhg8-p2p9 | medium | — | aiohttp | 3.7.4 | — |
| GHSA-r4q5-vmmm-2653 | medium | — | follow-redirects | 1.15.9 | — |
| GHSA-rf74-v2fm-23pw | medium | — | nltk | 3.9.1 | — |
| CVE-2023-47641 | low | — | aiohttp | 3.7.4 | — |
| CVE-2024-12797 | low | — | cryptography | 44.0.0 | — |
| CVE-2025-2953 | low | — | torch | 2.5.1 | — |
| CVE-2025-3777 | low | — | transformers | 4.48.1 | — |
| CVE-2025-47278 | low | — | flask | 3.1.0 | — |
| CVE-2025-53643 | low | — | aiohttp | 3.7.4 | — |
| CVE-2025-54798 | low | — | tmp | 0.2.3 | — |
| CVE-2025-68157 | low | — | webpack | 5.98.0 | — |
| CVE-2025-68458 | low | — | webpack | 5.98.0 | — |
| CVE-2025-68492 | low | — | chainlit | 2.0.603 | — |
| CVE-2025-69224 | low | — | aiohttp | 3.7.4 | — |
| CVE-2025-69225 | low | — | aiohttp | 3.7.4 | — |
| CVE-2025-69226 | low | — | aiohttp | 3.7.4 | — |
| CVE-2025-69230 | low | — | aiohttp | 3.7.4 | — |
| CVE-2025-7339 | low | — | on-headers | 1.0.2 | — |
| CVE-2026-1703 | low | — | pip | 25.0 | — |
| CVE-2026-22690 | low | — | pypdf | 5.2.0 | — |
| CVE-2026-22691 | low | — | pypdf | 5.2.0 | — |
| CVE-2026-2391 | low | — | qs | 6.13.0 | — |
| CVE-2026-24001 | low | — | diff | 5.2.0 | — |
| CVE-2026-26013 | low | — | langchain-core | 0.3.32 | — |
| CVE-2026-27205 | low | — | flask | 3.1.0 | — |
| CVE-2026-27628 | low | — | pypdf | 5.2.0 | — |
| CVE-2026-34073 | low | — | cryptography | 44.0.0 | — |
| CVE-2026-34513 | low | — | aiohttp | 3.7.4 | — |
| CVE-2026-34514 | low | — | aiohttp | 3.7.4 | — |
| CVE-2026-34517 | low | — | aiohttp | 3.7.4 | — |
| CVE-2026-34518 | low | — | aiohttp | 3.7.4 | — |
| CVE-2026-34519 | low | — | aiohttp | 3.7.4 | — |
| CVE-2026-34520 | low | — | aiohttp | 3.7.4 | — |
| CVE-2026-41488 | low | — | langchain-openai | 0.3.2 | — |
| CVE-2026-42040 | low | — | axios | 1.9.0 | — |
| CVE-2026-4539 | low | — | pygments | 2.19.1 | — |
| CVE-2026-7597 | low | — | mem0ai | 0.1.104 | — |
| CVE-2020-13091 | unknown | — | pandas | — | — |
| CVE-2021-22570 | unknown | — | protobuf | — | — |
| CVE-2023-25399 | unknown | — | scipy | — | — |
| CVE-2023-29824 | unknown | — | scipy | — | — |
Showing 247 of 247