Fastapiexpert Python-multipart — known CVE vulnerabilities
Every CVE whose affected-product data names Fastapiexpert Python-multipart, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-24486 — CVSS 8.6 (high): Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using…
CVE-2026-53539 — CVSS 7.5 (high): Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, when parsing application/x-www-form-urlencoded bodies…
CVE-2024-24762 — CVSS 7.5 (high): `python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse…
CVE-2026-40347 — CVSS 5.3 (medium): Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing…
CVE-2026-53537 — CVSS 3.7 (low): Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and…
CVE-2026-53538 — CVSS 3.7 (low): Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in…
CVE-2026-53540 — CVSS 3.7 (low): Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parse_form() did not validate the Content-Length header…