Package impact
PyPI / pydantic-ai-slim
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46678 | medium | — | 5.5 | 8d ago | Pydantic AI: SSRF cloud-metadata blocklist bypass via IPv4-mapped IPv6 (Incomplete fix of CVE-2026-25580) | |||
| CVE-2026-25640 | unknown | — | — | 4mo ago | Pydantic AI has Stored XSS via Path Traversal in Web UI CDN URL | |||
| CVE-2026-25580 | unknown | — | — | 4mo ago | Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling |