PyPI Package Vulnerabilities
All 1,361 Python packages with known CVEs, ranked by live CVE volume — 6,327 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 1.tensorflow427 CVEs
- 2.tensorflow-cpu424 CVEs
- 3.tensorflow-gpu421 CVEs
- 4.django155 CVEs
- 5.apache-airflow130 CVEs
- 6.plone101 CVEs
- 7.open-webui99 CVEs
- 8.mlflow73 CVEs
- 9.salt69 CVEs
- 10.ansible67 CVEs
- 11.apache-superset61 CVEs
- 12.pillow61 CVEs
- 13.nova54 CVEs
- 14.praisonai50 CVEs
- 15.gradio48 CVEs
- 16.vllm46 CVEs
- 17.aiohttp44 CVEs
- 18.matrix-synapse44 CVEs
- 19.pyload-ng43 CVEs
- 20.rdiffweb43 CVEs
- 21.keystone41 CVEs
- 22.moin41 CVEs
- 23.vyper40 CVEs
- 24.paddlepaddle32 CVEs
- 25.langflow31 CVEs
- 26.weblate31 CVEs
- 27.opencv-contrib-python30 CVEs
- 28.opencv-python30 CVEs
- 29.torch30 CVEs
- 30.pgadmin428 CVEs
- 31.pyassimp28 CVEs
- 32.transformers28 CVEs
- 33.picklescan25 CVEs
- 34.mindsdb23 CVEs
- 35.ethyca-fides22 CVEs
- 36.glance22 CVEs
- 37.octoprint22 CVEs
- 38.pypdf22 CVEs
- 39.litellm21 CVEs
- 40.lollms21 CVEs
- 41.praisonaiagents21 CVEs
- 42.aim20 CVEs
- 43.langchain20 CVEs
- 44.neutron20 CVEs
- 45.notebook19 CVEs
- 46.urllib319 CVEs
- 47.vantage619 CVEs
- 48.wagtail19 CVEs
- 49.calibreweb18 CVEs
- 50.cobbler18 CVEs
Which PyPI packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →