Known Vulnerabilities for products from Python
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Python".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40947 json | Not Provided | 2026-04-16 | 2026-04-16 | |
| CVE-2026-40683 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-40347 json | Not Provided | 2026-04-18 | 2026-04-17 | |
| CVE-2026-40319 json | Not Provided | 2026-04-17 | 2026-04-17 | |
| CVE-2026-40316 json | Not Provided | 2026-04-15 | 2026-04-16 | |
| CVE-2026-40288 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-40287 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-40260 json | Not Provided | 2026-04-17 | 2026-04-16 | |
| CVE-2026-40258 json | Not Provided | 2026-04-17 | 2026-04-17 | |
| CVE-2026-40192 json | Not Provided | 2026-04-15 | 2026-04-16 | |
| CVE-2026-25645 json | Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a pred... | Not Provided | 2026-03-25 | 2026-03-30 |
| CVE-2026-5271 json | pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current work... | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-4519 json | The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain ... | Not Provided | 2026-03-20 | 2026-04-16 |
| CVE-2023-50447 json | 8.1 - HIGH | 2024-01-19 | 2024-03-27 | |
| CVE-2023-45803 json | urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an H... | 4.2 - MEDIUM | 2023-10-17 | 2023-11-03 |
| CVE-2023-44271 json | An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a ... | 7.5 - HIGH | 2023-11-03 | 2023-11-12 |
| CVE-2023-43804 json | urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide ... | 8.1 - HIGH | 2023-10-04 | 2024-02-01 |
| CVE-2023-41105 json | An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the p... | 7.5 - HIGH | 2023-08-23 | 2023-11-07 |
| CVE-2023-40217 json | An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It pri... | 5.3 - MEDIUM | 2023-08-25 | 2023-11-07 |
| CVE-2023-38898 json | ** DISPUTED ** An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_cur... | 5.3 - MEDIUM | 2023-08-15 | 2023-11-07 |
Known software with vulnerabilities from Python
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Python | Decorator | 3.3.1 |
| Application | Python | Enum34 | 0.9 |
| Application | Python | Jw.util | 1.0 |
| Application | Python | Keyring | 0.10 |
| Application | Python | Networkx | 0.23 |
| Application | Python | Novajoin | - |
| Application | Python | Openpyxl | 1.1.0 |
| Application | Python | Pillow | 1.7.8 |
| Application | Python | Py-bcrypt | 0.1 |
| Application | Python | Pycryptodome | 3.0 |
| Application | Python | Pykerberos | - |
| Application | Python | Pypiserver | 0.1.0 |
| Application | Python | Python | - |
| Application | Python | Python-gnupg | 0.2.3 |
| Application | Python | Pyxdg | 0.25 |
| Application | Python | Requests | 0.0.1 |
| Application | Python | Rply | 0.7.0 |
| Application | Python | Rsa | 1.1 |
| Application | Python | Setuptools | 0.6.40 |
| Application | Python | Tablib | 0.0.1 |