Package impact
PyPI / bugsink
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44502 | medium | 4.3 | 4.3 | 3d ago | Bunsink has an SSRF bypass in `validate_webhook_url` | |||
| CVE-2026-40162 | unknown | — | — | 2mo ago | Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble | |||
| CVE-2026-27614 | unknown | — | — | 3mo ago | Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering | |||
| CVE-2025-64509 | unknown | — | — | 7mo ago | Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU) | |||
| CVE-2025-64508 | unknown | — | — | 7mo ago | Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input | |||
| CVE-2025-54433 | unknown | — | — | 10mo ago | Bugsink path traversal via event_id in ingestion |