MEDIUM 5.5 PyPI
GHSA-8jf4-fcjr-68c2 · CVE-2025-6278, PYSEC-2025-67 Upsonic is vulnerable to Path Traversal attack through its os.path.join function
Modified: 7/9/2025
package
PyPI / upsonic
pkg:pypi/upsonic
CRITICAL 9.8 PyPI
GHSA-cw73-5f7h-m4gv · CVE-2026-30625 Upsonic: remote code execution vulnerability in its MCP server/task creation functionality
Modified: 4/16/2026
MEDIUM 5.5 PyPI
GHSA-rpfv-46xj-5984 · CVE-2025-6279, PYSEC-2025-68 Upsonic has vulnerability in Pickle Handler component that can lead to deserialization
Modified: 7/9/2025
CRITICAL 9.8 PyPI
PYSEC-2025-67 · CVE-2025-6278, GHSA-8jf4-fcjr-68c2 Modified: 6/10/2026
HIGH 8.0 PyPI
PYSEC-2025-68 · CVE-2025-6279, GHSA-rpfv-46xj-5984 Modified: 6/10/2026