Every CVE whose affected-product data names Python-poetry Poetry, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-26184 — CVSS 9.8 (critical): Poetry v1.1.9 and below was discovered to contain an untrusted search path which causes the application to behave in unexpected ways when…
CVE-2022-36069 — CVSS 7.3 (high): Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses…
CVE-2022-36070 — CVSS 7.3 (high): Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g…
CVE-2026-34591 — CVSS 6.5 (medium): Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry…