PyPI package
pyspector
pkg:pypi/pyspector
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-41206 | Hig | 7.8 | < 0.1.8 | 0.1.8 | Apr 23, 2026 | PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the block | |
| CVE-2026-33140 | — | < 0.1.7 | 0.1.7 | Mar 20, 2026 | PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a stored Cross-Site Scripting (XSS) vulnerability in the HTML report generator. When PySpector scans a Python fi | ||
| CVE-2026-33139 | — | < 0.1.7 | 0.1.7 | Mar 20, 2026 | PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a security validation bypass in the plugin system. The validate_plugin_code() function in plugin_system.py, perf |
- affected < 0.1.8fixed 0.1.8
PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the block
- CVE-2026-33140Mar 20, 2026affected < 0.1.7fixed 0.1.7
PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a stored Cross-Site Scripting (XSS) vulnerability in the HTML report generator. When PySpector scans a Python fi
- CVE-2026-33139Mar 20, 2026affected < 0.1.7fixed 0.1.7
PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a security validation bypass in the plugin system. The validate_plugin_code() function in plugin_system.py, perf