Known Vulnerabilities for Flask by Palletsprojects
Listed below are 3 of the newest known vulnerabilities associated with "Flask" by "Palletsprojects".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-48544 json | Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource() method in ... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-45561 json | Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /sm... | Not Provided | 2026-06-10 | 2026-06-10 |
| CVE-2026-45306 json | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the fix for CVE-2026-33509 prev... | Not Provided | 2026-05-28 | 2026-05-28 |
| CVE-2026-44338 json | PraisonAI is a multi-agent teams system. From version 2.5.6 to before version 4.6.34, PraisonAI ships a legacy Flask API serv... | Not Provided | 2026-05-08 | 2026-05-08 |
| CVE-2026-42999 json | An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionall... | Not Provided | 2026-05-28 | 2026-05-28 |
| CVE-2026-42490 json | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CV... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-42489 json | [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CV... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-41522 json | Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to v... | Not Provided | 2026-06-04 | 2026-06-04 |
| CVE-2026-41255 json | CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, Acc... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-40594 json | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the set_session_cookie_secure be... | Not Provided | 2026-04-21 | 2026-04-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Palletsprojects | Flask | 1.1.1 | |||
| Application | Palletsprojects | Flask | 1.1.0 | |||
| Application | Palletsprojects | Flask | 1.0.4 | |||
| Application | Palletsprojects | Flask | 1.0.3 | |||
| Application | Palletsprojects | Flask | 1.0.2 | |||
| Application | Palletsprojects | Flask | 1.0.1 | |||
| Application | Palletsprojects | Flask | 1.0 | |||
| Application | Palletsprojects | Flask | 0.9 | |||
| Application | Palletsprojects | Flask | 0.8.1 | |||
| Application | Palletsprojects | Flask | 0.8 | |||
| Application | Palletsprojects | Flask | 0.7.2 | |||
| Application | Palletsprojects | Flask | 0.7.1 | |||
| Application | Palletsprojects | Flask | 0.7 | |||
| Application | Palletsprojects | Flask | 0.6.1 | |||
| Application | Palletsprojects | Flask | 0.6 | |||
| Application | Palletsprojects | Flask | 0.5.2 | |||
| Application | Palletsprojects | Flask | 0.5.1 | |||
| Application | Palletsprojects | Flask | 0.5 | |||
| Application | Palletsprojects | Flask | 0.4 | |||
| Application | Palletsprojects | Flask | 0.3.1 |