Package impact
PyPI / rembg
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-40086 | unknown | — | — | 2mo ago | Rembg has a Path Traversal via Custom Model Loading | |||
| CVE-2025-25302 | unknown | — | — | 1y ago | Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to … | |||
| CVE-2025-25301 | unknown | — | — | 1y ago | Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker … |