Package impact
PyPI / ckan
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42031 | critical | 9.8 | 9.8 | 15d ago | CKAN has Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql` | |||
| CVE-2026-42032 | critical | 9.1 | 9.1 | 15d ago | CKAN has Unauthenticated Authorization Bypass in `datastore_search_sql` | |||
| CVE-2026-41132 | high | 7.4 | 7.4 | 15d ago | CKAN has no certificate validation on STMP connection | |||
| CVE-2026-41255 | medium | 6.1 | 6.1 | 15d ago | CKAN has CSRF exemption primed by anonymous requests |