Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
pypi
agentd
0.4.1
agentd 0.4.1
Published
Feb 10, 2026
•
Policy
compliance
pypi Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Best
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
39
Versions
39
Vulnerabilities
15
Vulnerabilities
15
Dependencies
7
Dependencies
7
Reset filters
Severity
Critical
(0)
High
(6)
Medium
(0)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
7.5
CVE-2025-66418
urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.
affected
Severity
High
Published
Dec 6, 2025
7.5
CVE-2025-62727
Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial‑of‑service for endpoints serving files (e.g., StaticFiles or any use of FileResponse). This vulnerability is fixed in 0.49.1.
affected
Severity
High
Published
Oct 29, 2025
8.7
sonatype-2025-002598
regex - Regular Expression Denial of Service (ReDoS)
affected
Severity
High
Published
Aug 4, 2025
7.5
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue.
affected
Severity
High
Published
Jul 15, 2025
8.7
CVE-2025-53365
The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.10.0, if a client deliberately triggers an exception after establishing a streamable HTTP session, this can lead to an uncaught ClosedResourceError on the server side, causing the server to crash and requiring a restart to restore service. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.10.0 contains a patch for the issue.
affected
Severity
High
Published
Jul 5, 2025
8.7
CVE-2025-53366
The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue.
affected
Severity
High
Published
Jul 5, 2025
