MEDIUM 4.7 PyPI
GHSA-7p48-42j8-8846 · CVE-2026-33682 Unauthenticated SSRF Vulnerability in Streamlit on Windows (NTLM Credential Exposure)
Modified: 3/27/2026
package
PyPI / streamlit
pkg:pypi/streamlit
LOW PyPI
GHSA-8qw9-gf7w-42x5 Minor fix to previous patch for CVE-2022-35918
Modified: 12/4/2024
MEDIUM 5.9 PyPI
GHSA-9c6g-qpgj-rvxw · CVE-2023-27494, PYSEC-2023-50 Streamlit publishes previously-patched Cross-site Scripting vulnerability
Modified: 10/28/2024
MEDIUM 5.9 PyPI
GHSA-rxff-vr5r-8cj5 · CVE-2024-42474, PYSEC-2024-153 Path traveral in Streamlit on windows
Modified: 11/26/2024
MEDIUM 6.5 PyPI
GHSA-v4hr-4jpx-56gc · CVE-2022-35918, PYSEC-2022-248 Streamlit directory traversal vulnerability
Modified: 11/8/2023
— PyPI
PYSEC-2022-248 · CVE-2022-35918, GHSA-v4hr-4jpx-56gc Modified: 11/8/2023
— PyPI
PYSEC-2023-50 · CVE-2023-27494, GHSA-9c6g-qpgj-rvxw Modified: 11/8/2023
MEDIUM 6.5 PyPI
PYSEC-2024-153 · CVE-2024-42474, GHSA-rxff-vr5r-8cj5 Modified: 11/25/2024
MEDIUM 4.7 PyPI
PYSEC-2026-212 · CVE-2026-10804 Modified: 6/15/2026