Browse all 7 CVE security advisories affecting psf. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PSF develops Python, a widely-used programming language core for software development and automation. Historically, PSF's Python has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure input handling and library dependencies. While PSF maintains a security response team, notable incidents include the 2023 log4j-style flaw in the urllib3 component and a 2021 RCE vulnerability in the distutils module. PSF has improved its security practices over time, implementing a bug bounty program and regular security audits, though the large ecosystem of third-party packages remains a persistent challenge.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25645 | Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function — requestsCWE-377 | 4.4 | Medium | 2026-03-25 |
| CVE-2026-32274 | Black: Arbitrary file writes from unsanitized user input in cache file name — blackCWE-22 | 7.5 | - | 2026-03-12 |
| CVE-2026-31900 | Black's vulnerable version parsing leads to RCE in GitHub Action — blackCWE-20 | 8.8AI | HighAI | 2026-03-11 |
| CVE-2024-47081 | Requests vulnerable to .netrc credentials leak via malicious URLs — requestsCWE-522 | 5.3 | Medium | 2025-06-09 |
| CVE-2024-1682 | Unclaimed S3 Bucket Reference in psf/requests Documentation — psf/requestsCWE-840 | 9.8 | - | 2024-11-14 |
| CVE-2024-35195 | Requests `Session` object does not verify requests after making first request with verify=False — requestsCWE-670 | 5.6 | Medium | 2024-05-20 |
| CVE-2023-32681 | Unintended leak of Proxy-Authorization header in requests — requestsCWE-200 | 6.1 | Medium | 2023-05-26 |
This page lists every published CVE security advisory associated with psf. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.