FLAT-S75V2 (CVE-2026-8643)
Lack of data validation - Path Traversal In python-pip
0.6
Low
Ecosystem: Debian
Package: python-pip
FLAT-4ISYF (MAL-2026-4987)
Use of software with malware In @cloudplatform-single-spa/svp-pipeline
5.2
Medium
Ecosystem: Npm
Package: @cloudplatform-single-spa/svp-pipeline
FLAT-UCGZ4 (MAL-2026-4820)
Use of software with malware In datapipe-util
5.2
Medium
Ecosystem: PyPI
Package: datapipe-util
FLAT-EAARH (MAL-2026-4770)
Use of software with malware In spip-pth-demo
5.2
Medium
Ecosystem: PyPI
Package: spip-pth-demo
FLAT-4CCM3 (MAL-2026-4328)
Use of software with malware In ts-result-pipe
5.2
Medium
Ecosystem: Npm
Package: ts-result-pipe
FLAT-MC5SD (CVE-2026-48832)
Uncontrolled external site redirect In spip
1.1
Low
Ecosystem: Debian
Package: spip
FLAT-72J8G (MAL-2026-4271)
Use of software with malware In data-pipeline-check
5.2
Medium
Ecosystem: PyPI
Package: data-pipeline-check
FLAT-XFK59 (MAL-2026-4275)
Use of software with malware In async-pipeline-builder
5.2
Medium
Ecosystem: Npm
Package: async-pipeline-builder
FLAT-UOYNH (CVE-2026-44716)
Lack of data validation - Path Traversal In pipecat-ai
6.3
Medium
Ecosystem: PyPI
Package: pipecat-ai
FLAT-7T1XA (MAL-2026-3782)
Use of software with malware In atlassian-marathon-asset-pipeline
5.2
Medium
Ecosystem: Npm
Package: atlassian-marathon-asset-pipeline
FLAT-NIGKI (MAL-2026-3634)
Use of software with malware In knot-rails-assets-pipeline
5.2
Medium
Ecosystem: RubyGems
Package: knot-rails-assets-pipeline
FLAT-NYLZ3 (CVE-2026-8430)
Server side template injection In spip
7.2
High
Ecosystem: Debian
Package: spip
FLAT-Z6N9G (CVE-2026-8429)
Server side template injection In spip
8.0
High
Ecosystem: Debian
Package: spip
FLAT-JTRS8 (MAL-2026-3218)
Use of software with malware In my-pipeline-watcher-poc
5.2
Medium
Ecosystem: PyPI
Package: my-pipeline-watcher-poc
FLAT-QKBW0 (MAL-2026-3105)
Use of software with malware In mypypipkg
5.2
Medium
Ecosystem: PyPI
Package: mypypipkg
FLAT-TIG53 (CVE-2026-6357)
Dependency Confusion In pip
1.7
Low
Ecosystem: PyPI
Package: pip
FLAT-CVTM1 (CVE-2025-62373)
Insecure deserialization In pipecat-ai
8.4
High
Ecosystem: PyPI
Package: pipecat-ai
FLAT-CQ51E (CVE-2026-40938)
Insecure functionality In github.com/tektoncd/pipeline
6.0
Medium
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-KE8SX (CVE-2026-40924)
Asymmetric denial of service In github.com/tektoncd/pipeline
3.8
Low
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-S0O8G (CVE-2026-40923)
Lack of data validation - Path Traversal In github.com/tektoncd/pipeline
5.8
Medium
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-GH2X4 (CVE-2026-40161)
Technical information leak In github.com/tektoncd/pipeline
3.6
Low
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-6OMTK (CVE-2026-25542)
Asymmetric denial of service - ReDoS In github.com/tektoncd/pipeline
3.8
Low
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-EULCJ (CVE-2026-32613)
Remote command execution In io.spinnaker.echo:echo-pipelinetriggers
7.7
High
Ecosystem: Maven
Package: io.spinnaker.echo:echo-pipelinetriggers
FLAT-5E195 (CVE-2026-3219)
Insecure object reference In python-pip
1.0
Low
Ecosystem: Debian
Package: python-pip
FLAT-NLIEX (CVE-2018-20225)
Insecure object reference In python-pip
7.5
High
Ecosystem: Alpm
Package: python-pip
FLAT-LKQLV (CVE-2019-6251)
Lack of data validation In epiphany
6.2
Medium
Ecosystem: Alpm
Package: epiphany
FLAT-8KBJV (CVE-2021-3572)
Lack of data validation In python-pip
4.6
Medium
Ecosystem: Alpm
Package: python-pip
FLAT-VBE2S (CVE-2022-29536)
Improper resource allocation - Buffer overflow In epiphany
6.6
Medium
Ecosystem: Alpm
Package: epiphany
FLAT-9U9KB (MAL-2026-2028)
Use of software with malware In pipinpeace-bind
5.2
Medium
Ecosystem: PyPI
Package: pipinpeace-bind
FLAT-0LPMJ (MAL-2026-2029)
Use of software with malware In pipinpeace-reverse
5.2
Medium
Ecosystem: PyPI
Package: pipinpeace-reverse
FLAT-KEJ99 (MAL-2026-2026)
Use of software with malware In pipinpeace-env
5.2
Medium
Ecosystem: PyPI
Package: pipinpeace-env
FLAT-F5EA4 (CVE-2026-33549)
Privilege escalation In spip
7.5
High
Ecosystem: Debian
Package: spip
FLAT-DNN4O (DSA-6174-1)
Insecure service configuration In spip
0.6
Low
Ecosystem: Debian
Package: spip
FLAT-5VAUZ (MAL-2026-2016)
Use of software with malware In qyrm-pipinject4
5.2
Medium
Ecosystem: PyPI
Package: qyrm-pipinject4
FLAT-CFFM6 (MAL-2026-2113)
Use of software with malware In gcpipwrap
5.2
Medium
Ecosystem: PyPI
Package: gcpipwrap
FLAT-FYV60 (CVE-2026-33211)
Lack of data validation - Path Traversal In github.com/tektoncd/pipeline
3.6
Low
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-0CUQX (CVE-2026-33022)
Asymmetric denial of service - ReDoS In github.com/tektoncd/pipeline
5.7
Medium
Ecosystem: Go
Package: github.com/tektoncd/pipeline
FLAT-ETJ1P (MAL-2026-1219)
Use of software with malware In demo-pipelinetest
5.2
Medium
Ecosystem: Npm
Package: demo-pipelinetest
FLAT-B1S2W (DSA-6155-1)
Insecure service configuration In spip
0.6
Low
Ecosystem: Debian
Package: spip
FLAT-TTP29 (CVE-2026-22205)
Authentication mechanism absence or evasion In spip
7.7
High
Ecosystem: Debian
Package: spip
FLAT-0T49O (CVE-2026-22206)
Remote command execution In spip
6.1
Medium
Ecosystem: Debian
Package: spip
FLAT-Q7XAB (CVE-2026-27472)
Server-side request forgery (SSRF) In spip
1.3
Low
Ecosystem: Debian
Package: spip
FLAT-O2NA2 (CVE-2026-27473)
Server side cross-site scripting In spip
1.2
Low
Ecosystem: Debian
Package: spip
FLAT-9JY2N (CVE-2026-27474)
Reflected cross-site scripting (XSS) In spip
1.2
Low
Ecosystem: Debian
Package: spip
FLAT-FZ1J4 (CVE-2026-27475)
Insecure deserialization In spip
6.1
Medium
Ecosystem: Debian
Package: spip
FLAT-N062K (CVE-2026-26345)
Reflected cross-site scripting (XSS) In spip
6.1
Medium
Ecosystem: Debian
Package: spip
FLAT-I1RKE (CVE-2026-26223)
Server side cross-site scripting In spip
1.2
Low
Ecosystem: Debian
Package: spip
FLAT-YVTI8 (CVE-2025-71242)
Improper authorization control for web services In spip
1.3
Low
Ecosystem: Debian
Package: spip
FLAT-RTJP4 (CVE-2025-71244)
Uncontrolled external site redirect In spip
0.5
Low
Ecosystem: Debian
Package: spip
FLAT-AXDGV (CVE-2025-71241)
Server side cross-site scripting In spip
0.5
Low
Ecosystem: Debian
Package: spip
FLAT-QYGMI (CVE-2025-71240)
Reflected cross-site scripting (XSS) In spip
1.2
Low
Ecosystem: Debian
Package: spip
FLAT-LO7XT (MAL-2026-824)
Use of software with malware In dev-pipline-test
5.2
Medium
Ecosystem: PyPI
Package: dev-pipline-test
FLAT-BR8ZO (MAL-2026-817)
Use of software with malware In ctf-pipline-test
5.2
Medium
Ecosystem: PyPI
Package: ctf-pipline-test
FLAT-AON49 (MAL-2026-810)
Use of software with malware In thread-pipeline-test
5.2
Medium
Ecosystem: PyPI
Package: thread-pipeline-test
FLAT-B8WRL (MAL-2026-803)
Use of software with malware In moveworks-pipeline-test
5.2
Medium
Ecosystem: PyPI
Package: moveworks-pipeline-test
FLAT-WEGGB (MAL-2026-783)
Use of software with malware In adobe_pipeline_test
5.2
Medium
Ecosystem: Npm
Package: adobe_pipeline_test
FLAT-SL16D (MAL-2026-759)
Use of software with malware In pipelinepoision-test
5.2
Medium
Ecosystem: PyPI
Package: pipelinepoision-test
FLAT-DVQQ1 (MAL-2026-655)
Use of software with malware In pipeline-poision-test
5.2
Medium
Ecosystem: PyPI
Package: pipeline-poision-test
FLAT-8ZL2D (CVE-2026-1703)
Lack of data validation - Path Traversal In pip
0.4
Low
Ecosystem: PyPI
Package: pip
FLAT-HPAMI (CVE-2025-47411)
Excessive privileges In org.apache.streampipes:streampipes-parent
4.9
Medium
Ecosystem: Maven
Package: org.apache.streampipes:streampipes-parent
FLAT-H1TQ5 (CVE-2023-53900)
Insecure file upload In spip
1.1
Low
Ecosystem: Debian
Package: spip
FLAT-F3SK4 (CVE-2025-67643)
Lack of data validation - Path Traversal In org.jenkinsci.plugins:pipeline-reporter-by-redpen
1.3
Low
Ecosystem: Maven
Package: org.jenkinsci.plugins:pipeline-reporter-by-redpen
FLAT-N416L (CVE-2025-67642)
Excessive privileges In com.datapipe.jenkins.plugins:hashicorp-vault-plugin
5.7
Medium
Ecosystem: Maven
Package: com.datapipe.jenkins.plugins:hashicorp-vault-plugin
FLAT-QNENF (MAL-2025-191329)
Use of software with malware In @viapip/eslint-config
5.2
Medium
Ecosystem: Npm
Package: @viapip/eslint-config
FLAT-QFFK8 (MAL-2025-187245)
Use of software with malware In grus-pipe-websockets-grunt
5.2
Medium
Ecosystem: Npm
Package: grus-pipe-websockets-grunt
FLAT-Q92HM (MAL-2025-189753)
Use of software with malware In supercluster-webdriver-manager-pipe-alphard
5.2
Medium
Ecosystem: Npm
Package: supercluster-webdriver-manager-pipe-alphard
FLAT-PGWR6 (MAL-2025-188720)
Use of software with malware In pipe-grid-byte-old-array
5.2
Medium
Ecosystem: Npm
Package: pipe-grid-byte-old-array
FLAT-AGCBV (MAL-2025-185449)
Use of software with malware In analyze-boolean-pipe-import-epsilon
5.2
Medium
Ecosystem: Npm
Package: analyze-boolean-pipe-import-epsilon
FLAT-TIMO5 (MAL-2025-186647)
Use of software with malware In duplex-lacerta-link-pipe
5.2
Medium
Ecosystem: Npm
Package: duplex-lacerta-link-pipe
FLAT-FRG60 (MAL-2025-186674)
Use of software with malware In easy-pipe-signal-proxy-uglify
5.2
Medium
Ecosystem: Npm
Package: easy-pipe-signal-proxy-uglify
FLAT-QGII5 (MAL-2025-189621)
Use of software with malware In speleology-pipe-pino-puppeteer
5.2
Medium
Ecosystem: Npm
Package: speleology-pipe-pino-puppeteer
FLAT-T1N50 (MAL-2025-186095)
Use of software with malware In chalk-cluster-nucleosynthesis-pipe
5.2
Medium
Ecosystem: Npm
Package: chalk-cluster-nucleosynthesis-pipe
FLAT-TNDB6 (MAL-2025-186701)
Use of software with malware In electron-builder-pipe-markdownlint-nextjs
5.2
Medium
Ecosystem: Npm
Package: electron-builder-pipe-markdownlint-nextjs
FLAT-27Y5X (MAL-2025-188716)
Use of software with malware In pipe-cloud-try-assert-grid
5.2
Medium
Ecosystem: Npm
Package: pipe-cloud-try-assert-grid
FLAT-5PXG1 (MAL-2025-188722)
Use of software with malware In pipe-orogeny-await-kaus
5.2
Medium
Ecosystem: Npm
Package: pipe-orogeny-await-kaus
FLAT-O8T90 (MAL-2025-186498)
Use of software with malware In debug-user-pipe-sun-simple
5.2
Medium
Ecosystem: Npm
Package: debug-user-pipe-sun-simple
FLAT-EQ6A2 (MAL-2025-188727)
Use of software with malware In pipe-virgo-perseus-auth
5.2
Medium
Ecosystem: Npm
Package: pipe-virgo-perseus-auth
FLAT-FV7RP (MAL-2025-187503)
Use of software with malware In integer-pipe-beta-orchestrate-simulate
5.2
Medium
Ecosystem: Npm
Package: integer-pipe-beta-orchestrate-simulate
FLAT-1XGE3 (MAL-2025-188781)
Use of software with malware In postcss-loader-install-thuban-pipe
5.2
Medium
Ecosystem: Npm
Package: postcss-loader-install-thuban-pipe
FLAT-ESZD8 (MAL-2025-188832)
Use of software with malware In process-daemon-pipe-try-bundle
5.2
Medium
Ecosystem: Npm
Package: process-daemon-pipe-try-bundle
FLAT-O245B (MAL-2025-188455)
Use of software with malware In optimize-pipe-signal-dog-index
5.2
Medium
Ecosystem: Npm
Package: optimize-pipe-signal-dog-index
FLAT-E20NS (MAL-2025-188717)
Use of software with malware In pipe-cz-conventional-changelog-meissa-canopus
5.2
Medium
Ecosystem: Npm
Package: pipe-cz-conventional-changelog-meissa-canopus
FLAT-4DH84 (MAL-2025-188724)
Use of software with malware In pipe-pino-pretty-toml-meteor
5.2
Medium
Ecosystem: Npm
Package: pipe-pino-pretty-toml-meteor
FLAT-995XQ (MAL-2025-188714)
Use of software with malware In pipe-auth0-barnard-tool
5.2
Medium
Ecosystem: Npm
Package: pipe-auth0-barnard-tool
FLAT-45QMP (MAL-2025-187238)
Use of software with malware In gridsome-slides-pipe-socketio
5.2
Medium
Ecosystem: Npm
Package: gridsome-slides-pipe-socketio
FLAT-M6X3T (MAL-2025-186279)
Use of software with malware In config-pipe-promise-start
5.2
Medium
Ecosystem: Npm
Package: config-pipe-promise-start
FLAT-KF2Y2 (MAL-2025-189298)
Use of software with malware In runtime-short-fork-yaml-pipe
5.2
Medium
Ecosystem: Npm
Package: runtime-short-fork-yaml-pipe
FLAT-0SXHS (MAL-2025-185940)
Use of software with malware In bundle-static-pipe-mu-float
5.2
Medium
Ecosystem: Npm
Package: bundle-static-pipe-mu-float
FLAT-1P4NB (MAL-2025-188715)
Use of software with malware In pipe-byte-spy-fork-notify
5.2
Medium
Ecosystem: Npm
Package: pipe-byte-spy-fork-notify
FLAT-KIN6E (MAL-2025-188536)
Use of software with malware In paleontology-saturnology-standard-pipe
5.2
Medium
Ecosystem: Npm
Package: paleontology-saturnology-standard-pipe
FLAT-D4HRA (MAL-2025-186581)
Use of software with malware In development-rollup-pipe-koa
5.2
Medium
Ecosystem: Npm
Package: development-rollup-pipe-koa
FLAT-DDNHN (MAL-2025-187709)
Use of software with malware In kronos-pipe-delphinus-centauri
5.2
Medium
Ecosystem: Npm
Package: kronos-pipe-delphinus-centauri
FLAT-G4I2P (MAL-2025-185435)
Use of software with malware In alpha-view-grep-abstract-pipe
5.2
Medium
Ecosystem: Npm
Package: alpha-view-grep-abstract-pipe
FLAT-5C7AS (MAL-2025-189572)
Use of software with malware In socket-sigma-minify-pipe-array
5.2
Medium
Ecosystem: Npm
Package: socket-sigma-minify-pipe-array
FLAT-KJ6X8 (MAL-2025-188728)
Use of software with malware In pipe-wavefunction-test-redis
5.2
Medium
Ecosystem: Npm
Package: pipe-wavefunction-test-redis
FLAT-6PFKD (MAL-2025-189128)
Use of software with malware In registry-pipe-version-chariklo
5.2
Medium
Ecosystem: Npm
Package: registry-pipe-version-chariklo
FLAT-6PANL (MAL-2025-188726)
Use of software with malware In pipe-simple-virtualize-void-stack
5.2
Medium
Ecosystem: Npm
Package: pipe-simple-virtualize-void-stack
FLAT-8SQM7 (MAL-2025-186117)
Use of software with malware In changelog-tachyon-writable-pipe
5.2
Medium
Ecosystem: Npm
Package: changelog-tachyon-writable-pipe
FLAT-3LKWO (MAL-2025-188723)
Use of software with malware In pipe-parallax-build-kinetic
5.2
Medium
Ecosystem: Npm
Package: pipe-parallax-build-kinetic
FLAT-6VWAA (MAL-2025-186630)
Use of software with malware In double-benchmark-pipe-hash-virtualize
5.2
Medium
Ecosystem: Npm
Package: double-benchmark-pipe-hash-virtualize