Known Vulnerabilities for Flask by Palletsprojects
Listed below are 3 of the newest known vulnerabilities associated with "Flask" by "Palletsprojects".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40594 json | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the set_session_cookie_secure be... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2026-40112 json | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent outpu... | Not Provided | 2026-04-09 | 2026-04-14 |
| CVE-2026-40035 json | Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by... | Not Provided | 2026-04-08 | 2026-04-09 |
| CVE-2026-35490 json | changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required deco... | Not Provided | 2026-04-07 | 2026-04-09 |
| CVE-2026-35464 json | pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMIN_ONLY_OPTIONS s... | Not Provided | 2026-04-07 | 2026-04-07 |
| CVE-2026-35052 json | D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to 3.22.0... | Not Provided | 2026-04-06 | 2026-04-07 |
| CVE-2026-34531 json | Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation ... | Not Provided | 2026-04-01 | 2026-04-02 |
| CVE-2026-5577 json | A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a. This affects an unkno... | Not Provided | 2026-04-05 | 2026-04-06 |
| CVE-2026-5321 json | A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component Fa... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-4231 json | A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function update_sql/run_sql of... | Not Provided | 2026-03-16 | 2026-03-16 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Palletsprojects | Flask | 1.1.1 | |||
| Application | Palletsprojects | Flask | 1.1.0 | |||
| Application | Palletsprojects | Flask | 1.0.4 | |||
| Application | Palletsprojects | Flask | 1.0.3 | |||
| Application | Palletsprojects | Flask | 1.0.2 | |||
| Application | Palletsprojects | Flask | 1.0.1 | |||
| Application | Palletsprojects | Flask | 1.0 | |||
| Application | Palletsprojects | Flask | 0.9 | |||
| Application | Palletsprojects | Flask | 0.8.1 | |||
| Application | Palletsprojects | Flask | 0.8 | |||
| Application | Palletsprojects | Flask | 0.7.2 | |||
| Application | Palletsprojects | Flask | 0.7.1 | |||
| Application | Palletsprojects | Flask | 0.7 | |||
| Application | Palletsprojects | Flask | 0.6.1 | |||
| Application | Palletsprojects | Flask | 0.6 | |||
| Application | Palletsprojects | Flask | 0.5.2 | |||
| Application | Palletsprojects | Flask | 0.5.1 | |||
| Application | Palletsprojects | Flask | 0.5 | |||
| Application | Palletsprojects | Flask | 0.4 | |||
| Application | Palletsprojects | Flask | 0.3.1 |