Every CVE whose affected-product data names Piccolo-orm Piccolo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-47128 — CVSS 9.1 (critical): Piccolo is an object-relational mapping and query builder which supports asyncio. Prior to version 1.1.1, the handling of named transaction…
CVE-2023-41885 — CVSS 5.3 (medium): Piccolo is an ORM and query builder which supports asyncio. In versions 0.120.0 and prior, the implementation of `BaseUser.login` leaks…