Poetry
This hub aggregates every CVE we track for Poetry, a product in the OSS libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 5
- Critical: 1
- High: 2
- In CISA KEV: 0
Severity distribution
HIGH: 2, MEDIUM: 2, CRITICAL: 1
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 5 most recently published vulnerabilities affecting Poetry.
- CVE-2026-41140: Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4 (score 5.3)
- CVE-2026-34591: Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write (score 6.5)
- CVE-2022-36069: Poetry Argument Injection vulnerability can lead to local Code Execution (score 7.3)
- CVE-2022-36070: Poetry's Untrusted Search Path can lead to Local Code Execution on Windows (score 7.3)
- CVE-2022-26184: Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when users execute Poetry commands in a directory containing mal... (score 9.8)
Product normalization is registry-driven with AI assist and human review.