Skip to content
Tools / continue / Security

Security Deep Dive

continue

Security posture and CVE patch evidence from tracked releases.

Back to Tool

1 actively-exploited dependency CVE affects v1.2.22-vscode.

KEV-listed CVEs are confirmed exploited in the wild — patch urgently.

— Signed — SLSA ✓ SBOM ✓ Security policy Weekly cadence · 1d median Active maintainer

Trust Signals — 4 of 9 Present

Evidence already collected from releases and repository metadata.

4/9 Present
Signed releases Unknown
Latest release artifact signature Latest release
SLSA provenance Unknown
Attestation predicate level Latest release
SBOM published Present
GitHub SBOM API Latest release
Last verified: 28d ago
SECURITY.md Present
GitHub repository metadata Repository policy
Checked: 18d ago
Release cadence: weekly Present
1d median over recent releases Release history
Latest release: 2mo ago
Maintainer active Present
Recent commit activity Repository
Last commit: 5d ago
Checksums (SHA256SUMS) Not active yet
SHA256SUMS or equivalent Release asset
Latest release: 2mo ago
GitHub Actions attestation Not active yet
actions/attest-build-provenance Workflow file
Latest release: 2mo ago
Signing assets Not active yet
.sig, .crt, cosign.pub, or similar Release asset
Latest release: 2mo ago
3.8/10 Security Score
Dependency Exposure 466 transitive dependency CVEs found in the latest SBOM. 16 critical.

Security Score

A composite score aggregating Scorecard performance, CVE patch history, OpenSSF badge tier, and dependency vulnerability exposure. Score ≥ 7.0 is healthy; < 4.0 warrants attention.

epss

0.25 / 0.5

No EPSS data

freshness

1.00 / 1.0

4d stale

scorecard

2.00 / 4.0

⚠ Estimated — not yet collected

cve health

0.00 / 2.5

⚠ No direct scan — 17c/179h transitive CVEs

patch speed

0.50 / 0.5

⚠ Estimated — no CVE patch history

kev exposure

1.50 / 1.5

No KEV exposure

supply chain risk

-1.50 / 10.0

Risk 100.0/100

Score breakdown

schema v2

Vulnerability posture

vulnerability posture

0.0

25%

direct cves: clear cve scan: estimated

Release responsiveness

release responsiveness

10.0

5%

patch speed days: no_history

Dependency exposure

dependency exposure

0.0

10%

supply chain risk: 100.0 transitive cves: 17c/179h

Provenance trust

provenance trust

5.0

40%

scorecard score: estimated openssf badge: none

Maintainer health

maintainer health

10.0

10%

activity freshness: 4d

Operational risk

operational risk

8.5

10%

kev exposure: detected epss max: none
How is this calculated?

The six dimensions group the legacy score signals into weighted categories: direct vulnerability status, patch responsiveness, dependency exposure, provenance checks, maintainer activity, and exploitability risk. The flat component values above remain available for compatibility.

Supply Chain Risk

Risk 100.0/100
16 Transitive critical CVEs
1 KEV-transitive CVEs
40% Dependency freshness

OpenSSF Badge

OpenSSF none

Badge indicates adherence to open-source best practices.

Dependency Vulnerabilities

13295 dependencies scanned View full dependency list →

Scanning the SBOM (Software Bill of Materials) of the latest release for known vulnerabilities in transitive dependencies.

Critical

16

High

176

Medium

233

Low

36

Unknown

5

1 dependency vulnerabilities are in KEV.

CISA confirmed these vulnerabilities are actively exploited. Treat as critical priority.

Still affecting latest (466) All (479)
Critical 16 High 176 Medium 233 Low 36 Unknown 5
CVE Severity KEV Dependency Affected version Cleared in release
CVE-2019-17571 critical log4j:log4j 1.2.17
CVE-2021-41208 critical tensorflow 2.6.0
CVE-2021-41945 critical httpx 0.19.0
CVE-2022-22817 critical pillow 8.3.2
CVE-2022-23305 critical log4j:log4j 1.2.17
CVE-2022-23307 critical log4j:log4j 1.2.17
CVE-2023-25668 critical tensorflow 2.6.0
CVE-2023-50447 critical pillow 8.3.2
CVE-2024-3660 critical keras 2.6.0
CVE-2025-12543 critical io.undertow:undertow-core 2.3.18.Final
CVE-2025-14009 critical nltk 3.6.3
CVE-2025-7783 critical form-data 2.5.2
CVE-2026-27699 critical basic-ftp 5.0.5
CVE-2026-33937 critical handlebars 4.7.8
CVE-2026-41242 critical protobufjs 6.11.4
GHSA-h6gw-r52c-724r critical tensorflow 2.6.0
CVE-2020-28975 high scikit-learn 0.24.2
CVE-2021-3828 high nltk 3.6.3
CVE-2021-3842 high nltk 3.6.3
CVE-2021-4104 high log4j:log4j 1.2.17
CVE-2021-41201 high tensorflow 2.6.0
CVE-2021-41203 high tensorflow 2.6.0
CVE-2021-41206 high tensorflow 2.6.0
CVE-2021-41210 high tensorflow 2.6.0
CVE-2021-41211 high tensorflow 2.6.0
CVE-2021-41212 high tensorflow 2.6.0
CVE-2021-41214 high tensorflow 2.6.0
CVE-2021-41219 high tensorflow 2.6.0
CVE-2021-41220 high tensorflow 2.6.0
CVE-2021-41221 high tensorflow 2.6.0
CVE-2021-43854 high nltk 3.6.3
CVE-2022-21726 high tensorflow 2.6.0
CVE-2022-21727 high tensorflow 2.6.0
CVE-2022-21728 high tensorflow 2.6.0
CVE-2022-21729 high tensorflow 2.6.0
CVE-2022-21730 high tensorflow 2.6.0
CVE-2022-21731 high tensorflow 2.6.0
CVE-2022-21734 high tensorflow 2.6.0
CVE-2022-21735 high tensorflow 2.6.0
CVE-2022-21736 high tensorflow 2.6.0
CVE-2022-21737 high tensorflow 2.6.0
CVE-2022-21738 high tensorflow 2.6.0
CVE-2022-21739 high tensorflow 2.6.0
CVE-2022-21740 high tensorflow 2.6.0
CVE-2022-21741 high tensorflow 2.6.0
CVE-2022-23302 high log4j:log4j 1.2.17
CVE-2022-23557 high tensorflow 2.6.0
CVE-2022-23558 high tensorflow 2.6.0
CVE-2022-23559 high tensorflow 2.6.0
CVE-2022-23560 high tensorflow 2.6.0
CVE-2022-23561 high tensorflow 2.6.0
CVE-2022-23562 high tensorflow 2.6.0
CVE-2022-23563 high tensorflow 2.6.0
CVE-2022-23564 high tensorflow 2.6.0
CVE-2022-23565 high tensorflow 2.6.0
CVE-2022-23566 high tensorflow 2.6.0
CVE-2022-23567 high tensorflow 2.6.0
CVE-2022-23568 high tensorflow 2.6.0
CVE-2022-23569 high tensorflow 2.6.0
CVE-2022-23570 high tensorflow 2.6.0
CVE-2022-23571 high tensorflow 2.6.0
CVE-2022-23572 high tensorflow 2.6.0
CVE-2022-23573 high tensorflow 2.6.0
CVE-2022-23574 high tensorflow 2.6.0
CVE-2022-23575 high tensorflow 2.6.0
CVE-2022-23576 high tensorflow 2.6.0
CVE-2022-23577 high tensorflow 2.6.0
CVE-2022-23584 high tensorflow 2.6.0
CVE-2022-23587 high tensorflow 2.6.0
CVE-2022-23591 high tensorflow 2.6.0
CVE-2022-24303 high pillow 8.3.2
CVE-2022-29208 high tensorflow 2.6.0
CVE-2022-29216 high tensorflow 2.6.0
CVE-2022-35937 high tensorflow 2.6.0
CVE-2022-35939 high tensorflow 2.6.0
CVE-2022-41894 high tensorflow 2.6.0
CVE-2022-41900 high tensorflow 2.6.0
CVE-2022-41902 high tensorflow 2.6.0
CVE-2022-45198 high pillow 8.3.2
CVE-2023-25658 high tensorflow 2.6.0
CVE-2023-25659 high tensorflow 2.6.0
CVE-2023-25660 high tensorflow 2.6.0
CVE-2023-25662 high tensorflow 2.6.0
CVE-2023-25663 high tensorflow 2.6.0
CVE-2023-25664 high tensorflow 2.6.0
CVE-2023-25665 high tensorflow 2.6.0
CVE-2023-25666 high tensorflow 2.6.0
CVE-2023-25669 high tensorflow 2.6.0
CVE-2023-25670 high tensorflow 2.6.0
CVE-2023-25671 high tensorflow 2.6.0
CVE-2023-25672 high tensorflow 2.6.0
CVE-2023-25673 high tensorflow 2.6.0
CVE-2023-25674 high tensorflow 2.6.0
CVE-2023-25675 high tensorflow 2.6.0
CVE-2023-25676 high tensorflow 2.6.0
CVE-2023-25801 high tensorflow 2.6.0
CVE-2023-26464 high log4j:log4j 1.2.17
CVE-2023-27579 high tensorflow 2.6.0
CVE-2023-30861 high flask 2.0.2
CVE-2023-33976 high tensorflow 2.6.0
CVE-2023-44271 high pillow 8.3.2
CVE-2023-4863 high KEV pillow 8.3.2
CVE-2024-1135 high gunicorn 20.1.0
CVE-2024-23334 high aiohttp 3.7.4
CVE-2024-28219 high pillow 8.3.2
CVE-2024-30251 high aiohttp 3.7.4
CVE-2024-3884 high io.undertow:undertow-core 2.3.18.Final
CVE-2024-39705 high nltk 3.6.3
CVE-2024-4027 high io.undertow:undertow-core 2.3.18.Final
CVE-2024-47072 high com.thoughtworks.xstream:xstream 1.4.20
CVE-2024-6827 high gunicorn 20.1.0
CVE-2024-7254 high com.google.protobuf:protobuf-java 3.24.4-jb.2
CVE-2025-12060 high keras 2.6.0
CVE-2025-12183 high org.lz4:lz4-java 1.8.0
CVE-2025-55163 high io.netty:netty-codec-http2 4.2.0.Alpha4
CVE-2025-58754 high axios 1.11.0
CVE-2025-64756 high glob 10.4.5
CVE-2025-66566 high org.lz4:lz4-java 1.8.0
CVE-2025-69223 high aiohttp 3.7.4
CVE-2025-9784 high io.undertow:undertow-core 2.3.18.Final
CVE-2025-9906 high keras 2.6.0
CVE-2026-0621 high @modelcontextprotocol/sdk 1.24.1
CVE-2026-0846 high nltk 3.6.3
CVE-2026-0847 high nltk 3.6.3
CVE-2026-1207 high django 4.2.27
CVE-2026-1287 high django 4.2.27
CVE-2026-1462 high keras 2.6.0
CVE-2026-23745 high tar 7.4.3
CVE-2026-23950 high tar 7.4.3
CVE-2026-24842 high tar 7.4.3
CVE-2026-25536 high @modelcontextprotocol/sdk 1.24.1
CVE-2026-25547 high @isaacs/brace-expansion 5.0.0
CVE-2026-25639 high axios 1.11.0
CVE-2026-25673 high django 4.2.27
CVE-2026-26318 high systeminformation 5.30.8
CVE-2026-26960 high tar 7.4.3
CVE-2026-26996 high minimatch 3.1.2
CVE-2026-27601 high underscore 1.13.7
CVE-2026-27606 high rollup 4.47.1
CVE-2026-27903 high minimatch 3.1.2
CVE-2026-27904 high minimatch 3.1.2
CVE-2026-29786 high tar 7.4.3
CVE-2026-31802 high tar 7.4.3
CVE-2026-32141 high flatted 3.3.1
CVE-2026-33034 high django 4.2.27
CVE-2026-33151 high socket.io-parser 4.2.4
CVE-2026-33228 high flatted 3.3.1
CVE-2026-33231 high nltk 3.6.3
CVE-2026-33236 high nltk 3.6.3
CVE-2026-33671 high picomatch 4.0.3
CVE-2026-33870 high io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-33871 high io.netty:netty-codec-http2 4.2.0.Alpha4
CVE-2026-33891 high node-forge 1.3.2
CVE-2026-33894 high node-forge 1.3.2
CVE-2026-33895 high node-forge 1.3.2
CVE-2026-33896 high node-forge 1.3.2
CVE-2026-33938 high handlebars 4.7.8
CVE-2026-33939 high handlebars 4.7.8
CVE-2026-33940 high handlebars 4.7.8
CVE-2026-33941 high handlebars 4.7.8
CVE-2026-34601 high @xmldom/xmldom 0.8.10
CVE-2026-35209 high defu 6.1.4
CVE-2026-3902 high django 4.2.27
CVE-2026-39356 high drizzle-orm 0.44.7
CVE-2026-39363 high vite 7.3.1
CVE-2026-39364 high vite 7.3.1
CVE-2026-39983 high basic-ftp 5.2.0
CVE-2026-41324 high basic-ftp 5.2.0
CVE-2026-41672 high @xmldom/xmldom 0.8.10
CVE-2026-41673 high @xmldom/xmldom 0.8.10
CVE-2026-41674 high @xmldom/xmldom 0.8.10
CVE-2026-41675 high @xmldom/xmldom 0.8.10
CVE-2026-42033 high axios 1.13.6
CVE-2026-42035 high axios 1.13.6
CVE-2026-42043 high axios 1.13.6
CVE-2026-42264 high axios 1.13.6
CVE-2026-42584 high io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-42587 high io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-42587 high io.netty:netty-codec-http2 4.2.0.Alpha4
CVE-2026-44240 high basic-ftp 5.2.0
CVE-2026-44665 high fast-xml-builder 1.1.4
CVE-2026-44728 high @babel/plugin-transform-modules-systemjs 7.25.9
CVE-2026-4800 high lodash 4.17.23
CVE-2026-4800 high lodash-es 4.17.23
CVE-2026-4867 high path-to-regexp 0.1.12
CVE-2026-4926 high path-to-regexp 8.3.0
CVE-2026-5598 high org.bouncycastle:bcprov-jdk18on 1.78.1
CVE-2026-6321 high fast-uri 3.1.0
CVE-2026-6322 high fast-uri 3.1.0
GHSA-43q8-3fv7-pr5x high tensorflow 2.6.0
GHSA-6v7q-wjvx-w8wg high basic-ftp 5.2.0
GHSA-qr4w-53vh-m672 high opencv-python 4.5.3.56
CVE-2021-29425 medium commons-io:commons-io 1.4
CVE-2021-34141 medium numpy 1.21.2
CVE-2021-41195 medium tensorflow 2.6.0
CVE-2021-41196 medium tensorflow 2.6.0
CVE-2021-41197 medium tensorflow 2.6.0
CVE-2021-41198 medium tensorflow 2.6.0
CVE-2021-41199 medium tensorflow 2.6.0
CVE-2021-41200 medium tensorflow 2.6.0
CVE-2021-41202 medium tensorflow 2.6.0
CVE-2021-41204 medium tensorflow 2.6.0
CVE-2021-41205 medium tensorflow 2.6.0
CVE-2021-41207 medium tensorflow 2.6.0
CVE-2021-41209 medium tensorflow 2.6.0
CVE-2021-41213 medium tensorflow 2.6.0
CVE-2021-41215 medium tensorflow 2.6.0
CVE-2021-41216 medium tensorflow 2.6.0
CVE-2021-41217 medium tensorflow 2.6.0
CVE-2021-41218 medium tensorflow 2.6.0
CVE-2021-41222 medium tensorflow 2.6.0
CVE-2021-41223 medium tensorflow 2.6.0
CVE-2021-41224 medium tensorflow 2.6.0
CVE-2021-41225 medium tensorflow 2.6.0
CVE-2021-41226 medium tensorflow 2.6.0
CVE-2021-41227 medium tensorflow 2.6.0
CVE-2021-41228 medium tensorflow 2.6.0
CVE-2022-21725 medium tensorflow 2.6.0
CVE-2022-21732 medium tensorflow 2.6.0
CVE-2022-21733 medium tensorflow 2.6.0
CVE-2022-22815 medium pillow 8.3.2
CVE-2022-22816 medium pillow 8.3.2
CVE-2022-23578 medium tensorflow 2.6.0
CVE-2022-23579 medium tensorflow 2.6.0
CVE-2022-23580 medium tensorflow 2.6.0
CVE-2022-23581 medium tensorflow 2.6.0
CVE-2022-23582 medium tensorflow 2.6.0
CVE-2022-23583 medium tensorflow 2.6.0
CVE-2022-23585 medium tensorflow 2.6.0
CVE-2022-23586 medium tensorflow 2.6.0
CVE-2022-23588 medium tensorflow 2.6.0
CVE-2022-23589 medium tensorflow 2.6.0
CVE-2022-23590 medium tensorflow 2.6.0
CVE-2022-23595 medium tensorflow 2.6.0
CVE-2022-29191 medium tensorflow 2.6.0
CVE-2022-29192 medium tensorflow 2.6.0
CVE-2022-29193 medium tensorflow 2.6.0
CVE-2022-29194 medium tensorflow 2.6.0
CVE-2022-29195 medium tensorflow 2.6.0
CVE-2022-29196 medium tensorflow 2.6.0
CVE-2022-29197 medium tensorflow 2.6.0
CVE-2022-29198 medium tensorflow 2.6.0
CVE-2022-29199 medium tensorflow 2.6.0
CVE-2022-29200 medium tensorflow 2.6.0
CVE-2022-29201 medium tensorflow 2.6.0
CVE-2022-29202 medium tensorflow 2.6.0
CVE-2022-29203 medium tensorflow 2.6.0
CVE-2022-29204 medium tensorflow 2.6.0
CVE-2022-29205 medium tensorflow 2.6.0
CVE-2022-29206 medium tensorflow 2.6.0
CVE-2022-29207 medium tensorflow 2.6.0
CVE-2022-29209 medium tensorflow 2.6.0
CVE-2022-29211 medium tensorflow 2.6.0
CVE-2022-29212 medium tensorflow 2.6.0
CVE-2022-29213 medium tensorflow 2.6.0
CVE-2022-35934 medium tensorflow 2.6.0
CVE-2022-35935 medium tensorflow 2.6.0
CVE-2022-35940 medium tensorflow 2.6.0
CVE-2022-35941 medium tensorflow 2.6.0
CVE-2022-35952 medium tensorflow 2.6.0
CVE-2022-35959 medium tensorflow 2.6.0
CVE-2022-35960 medium tensorflow 2.6.0
CVE-2022-35963 medium tensorflow 2.6.0
CVE-2022-35964 medium tensorflow 2.6.0
CVE-2022-35965 medium tensorflow 2.6.0
CVE-2022-35966 medium tensorflow 2.6.0
CVE-2022-35967 medium tensorflow 2.6.0
CVE-2022-35968 medium tensorflow 2.6.0
CVE-2022-35969 medium tensorflow 2.6.0
CVE-2022-35970 medium tensorflow 2.6.0
CVE-2022-35971 medium tensorflow 2.6.0
CVE-2022-35972 medium tensorflow 2.6.0
CVE-2022-35973 medium tensorflow 2.6.0
CVE-2022-35974 medium tensorflow 2.6.0
CVE-2022-35979 medium tensorflow 2.6.0
CVE-2022-35981 medium tensorflow 2.6.0
CVE-2022-35982 medium tensorflow 2.6.0
CVE-2022-35983 medium tensorflow 2.6.0
CVE-2022-35984 medium tensorflow 2.6.0
CVE-2022-35985 medium tensorflow 2.6.0
CVE-2022-35986 medium tensorflow 2.6.0
CVE-2022-35987 medium tensorflow 2.6.0
CVE-2022-35988 medium tensorflow 2.6.0
CVE-2022-35989 medium tensorflow 2.6.0
CVE-2022-35990 medium tensorflow 2.6.0
CVE-2022-35991 medium tensorflow 2.6.0
CVE-2022-35992 medium tensorflow 2.6.0
CVE-2022-35993 medium tensorflow 2.6.0
CVE-2022-35994 medium tensorflow 2.6.0
CVE-2022-35995 medium tensorflow 2.6.0
CVE-2022-35996 medium tensorflow 2.6.0
CVE-2022-35997 medium tensorflow 2.6.0
CVE-2022-35998 medium tensorflow 2.6.0
CVE-2022-35999 medium tensorflow 2.6.0
CVE-2022-36000 medium tensorflow 2.6.0
CVE-2022-36001 medium tensorflow 2.6.0
CVE-2022-36002 medium tensorflow 2.6.0
CVE-2022-36003 medium tensorflow 2.6.0
CVE-2022-36004 medium tensorflow 2.6.0
CVE-2022-36005 medium tensorflow 2.6.0
CVE-2022-36011 medium tensorflow 2.6.0
CVE-2022-36012 medium tensorflow 2.6.0
CVE-2022-36013 medium tensorflow 2.6.0
CVE-2022-36014 medium tensorflow 2.6.0
CVE-2022-36017 medium tensorflow 2.6.0
CVE-2022-36018 medium tensorflow 2.6.0
CVE-2022-36019 medium tensorflow 2.6.0
CVE-2022-36026 medium tensorflow 2.6.0
CVE-2022-36027 medium tensorflow 2.6.0
CVE-2022-41880 medium tensorflow 2.6.0
CVE-2022-41884 medium tensorflow 2.6.0
CVE-2022-41885 medium tensorflow 2.6.0
CVE-2022-41886 medium tensorflow 2.6.0
CVE-2022-41887 medium tensorflow 2.6.0
CVE-2022-41888 medium tensorflow 2.6.0
CVE-2022-41889 medium tensorflow 2.6.0
CVE-2022-41890 medium tensorflow 2.6.0
CVE-2022-41891 medium tensorflow 2.6.0
CVE-2022-41893 medium tensorflow 2.6.0
CVE-2022-41895 medium tensorflow 2.6.0
CVE-2022-41896 medium tensorflow 2.6.0
CVE-2022-41897 medium tensorflow 2.6.0
CVE-2022-41898 medium tensorflow 2.6.0
CVE-2022-41899 medium tensorflow 2.6.0
CVE-2022-41901 medium tensorflow 2.6.0
CVE-2022-41907 medium tensorflow 2.6.0
CVE-2022-41908 medium tensorflow 2.6.0
CVE-2022-41909 medium tensorflow 2.6.0
CVE-2022-41910 medium tensorflow 2.6.0
CVE-2022-41911 medium tensorflow 2.6.0
CVE-2023-25661 medium tensorflow 2.6.0
CVE-2023-25667 medium tensorflow 2.6.0
CVE-2023-32681 medium requests 2.26.0
CVE-2023-37276 medium aiohttp 3.7.4
CVE-2023-47627 medium aiohttp 3.7.4
CVE-2023-49081 medium aiohttp 3.7.4
CVE-2023-49082 medium aiohttp 3.7.4
CVE-2024-23829 medium aiohttp 3.7.4
CVE-2024-24828 medium pkg 5.8.1
CVE-2024-27306 medium aiohttp 3.7.4
CVE-2024-35195 medium requests 2.26.0
CVE-2024-47081 medium requests 2.26.0
CVE-2024-49580 medium io.ktor:ktor-client-core-jvm 2.3.12
CVE-2024-5206 medium scikit-learn 0.24.2
CVE-2024-52304 medium aiohttp 3.7.4
CVE-2024-55459 medium keras 2.6.0
CVE-2025-12058 medium keras 2.6.0
CVE-2025-13465 medium lodash 4.17.21
CVE-2025-15284 medium qs 6.13.0
CVE-2025-27789 medium @babel/helpers 7.25.0
CVE-2025-3730 medium torch 2.6.0
CVE-2025-48924 medium org.apache.commons:commons-lang3 3.8.1
CVE-2025-62522 medium vite 6.3.5
CVE-2025-62718 medium axios 1.13.6
CVE-2025-64718 medium js-yaml 3.14.1
CVE-2025-67735 medium io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2025-69227 medium aiohttp 3.7.4
CVE-2025-69228 medium aiohttp 3.7.4
CVE-2025-69229 medium aiohttp 3.7.4
CVE-2025-69873 medium ajv 6.12.6
CVE-2025-8916 medium org.bouncycastle:bcpkix-jdk18on 1.78.1
CVE-2026-0636 medium org.bouncycastle:bcprov-jdk18on 1.78.1
CVE-2026-1312 medium django 4.2.27
CVE-2026-22815 medium aiohttp 3.7.4
CVE-2026-2327 medium markdown-it 14.1.0
CVE-2026-25645 medium requests 2.26.0
CVE-2026-28684 medium python-dotenv 0.19.0
CVE-2026-2950 medium lodash-es 4.17.23
CVE-2026-2950 medium lodash 4.17.23
CVE-2026-31808 medium file-type 20.5.0
CVE-2026-3260 medium io.undertow:undertow-core 2.3.18.Final
CVE-2026-32630 medium file-type 20.5.0
CVE-2026-33033 medium django 4.2.27
CVE-2026-33230 medium nltk 3.6.3
CVE-2026-33532 medium yaml 2.8.1
CVE-2026-33672 medium picomatch 4.0.3
CVE-2026-33750 medium brace-expansion 1.1.12
CVE-2026-33916 medium handlebars 4.7.8
CVE-2026-34515 medium aiohttp 3.7.4
CVE-2026-34516 medium aiohttp 3.7.4
CVE-2026-34525 medium aiohttp 3.7.4
CVE-2026-35515 medium @nestjs/core 11.1.17
CVE-2026-39365 medium vite 7.3.1
CVE-2026-39406 medium @hono/node-server 1.19.11
CVE-2026-39407 medium hono 4.12.7
CVE-2026-39408 medium hono 4.12.7
CVE-2026-39409 medium hono 4.12.7
CVE-2026-39410 medium hono 4.12.7
CVE-2026-40175 medium axios 1.13.6
CVE-2026-41238 medium dompurify 3.3.3
CVE-2026-41239 medium dompurify 3.3.3
CVE-2026-41240 medium dompurify 3.3.3
CVE-2026-41305 medium postcss 8.5.6
CVE-2026-41417 medium io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-41650 medium fast-xml-parser 5.5.8
CVE-2026-41907 medium uuid 11.1.0
CVE-2026-42034 medium axios 1.13.6
CVE-2026-42036 medium axios 1.13.6
CVE-2026-42037 medium axios 1.13.6
CVE-2026-42038 medium axios 1.13.6
CVE-2026-42039 medium axios 1.13.6
CVE-2026-42041 medium axios 1.13.6
CVE-2026-42042 medium axios 1.13.6
CVE-2026-42044 medium axios 1.13.6
CVE-2026-42308 medium pillow 8.3.2
CVE-2026-42310 medium pillow 8.3.2
CVE-2026-42338 medium ip-address 9.0.5
CVE-2026-42580 medium io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-42581 medium io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-42585 medium io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2026-44455 medium hono 4.12.7
CVE-2026-44456 medium hono 4.12.7
CVE-2026-4923 medium path-to-regexp 8.3.0
CVE-2026-5588 medium org.bouncycastle:bcpkix-jdk18on 1.78.1
GHSA-26pp-8wgv-hjvm medium hono 4.12.7
GHSA-39q2-94rc-95cp medium dompurify 3.3.3
GHSA-458j-xx4x-4375 medium hono 4.12.7
GHSA-67mh-4wv8-2f99 medium esbuild 0.18.20
GHSA-72hv-8253-57qq medium com.fasterxml.jackson.core:jackson-core 2.16.0
GHSA-7rx3-28cr-v5wh medium handlebars 4.7.8
GHSA-mw6j-hh29-h379 medium tensorflow 2.6.0
GHSA-pjjw-qhg8-p2p9 medium aiohttp 3.7.4
GHSA-r4q5-vmmm-2653 medium follow-redirects 1.15.6
GHSA-rf74-v2fm-23pw medium nltk 3.6.3
GHSA-wcv5-vrvr-3rx2 medium tensorflow 2.6.0
CVE-2022-36015 low tensorflow 2.6.0
CVE-2022-36016 low tensorflow 2.6.0
CVE-2023-47641 low aiohttp 3.7.4
CVE-2024-47764 low cookie 0.5.0
CVE-2025-13473 low django 4.2.27
CVE-2025-14550 low django 4.2.27
CVE-2025-2953 low torch 2.6.0
CVE-2025-53643 low aiohttp 3.7.4
CVE-2025-58056 low io.netty:netty-codec-http 4.2.0.Alpha4
CVE-2025-58751 low vite 6.3.5
CVE-2025-58752 low vite 6.3.5
CVE-2025-5889 low brace-expansion 2.0.1
CVE-2025-69224 low aiohttp 3.7.4
CVE-2025-69225 low aiohttp 3.7.4
CVE-2025-69226 low aiohttp 3.7.4
CVE-2025-69230 low aiohttp 3.7.4
CVE-2026-1285 low django 4.2.27
CVE-2026-2391 low qs 6.13.0
CVE-2026-24001 low diff 5.2.0
CVE-2026-25674 low django 4.2.27
CVE-2026-27205 low flask 2.0.2
CVE-2026-3449 low @tootallnate/once 1.1.2
CVE-2026-34513 low aiohttp 3.7.4
CVE-2026-34514 low aiohttp 3.7.4
CVE-2026-34517 low aiohttp 3.7.4
CVE-2026-34518 low aiohttp 3.7.4
CVE-2026-34519 low aiohttp 3.7.4
CVE-2026-34520 low aiohttp 3.7.4
CVE-2026-42040 low axios 1.13.6
CVE-2026-4277 low django 4.2.27
CVE-2026-4292 low django 4.2.27
GHSA-442j-39wm-28r2 low handlebars 4.7.8
GHSA-4fx9-vc88-q2xc low pillow 8.3.2
GHSA-cq8v-f236-94qc low rand 0.8.5
GHSA-cqvq-fvhr-v6hc low tensorflow 2.6.0
GHSA-xf83-q765-xm6m low tensorflow 2.6.0
CVE-2023-25399 unknown scipy 1.7.1
CVE-2023-29824 unknown scipy 1.7.1
PYSEC-2023-175 unknown pillow 8.3.2
PYSEC-2023-183 unknown opencv-python 4.5.3.56
RUSTSEC-2026-0097 unknown rand 0.8.5

Showing 466 of 479

Beta — feedback welcome: [email protected]