Poetry — CVE history (PyPI)
Poetry
4 CVEs affect the Poetry PyPI package (highest CVSS 7.3). Latest disclosed: 2026-04-24. Full CVE history sourced from NVD.
Summary
- Package
Poetry(PyPI)- Total CVEs
4- Actively exploited (CISA KEV)
- 0
- Highest CVSS
7.3- Latest disclosed
- 2026-04-24
Recent CVEs (top 4)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2026-41140 | — | — | — | 2026-04-24 | Poetry is a dependency manager for Python. |
CVE-2026-34591 | — | — | — | 2026-04-02 | Poetry is a dependency manager for Python. |
CVE-2022-36069 | High | 7.3 | — | 2022-09-07 | Poetry is a dependency manager for Python. |
CVE-2022-36070 | High | 7.3 | — | 2022-09-07 | Poetry is a dependency manager for Python. |
All-time worst (top 2 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2022-36069 | High | 7.3 | — | 2022-09-07 | Poetry is a dependency manager for Python. |
CVE-2022-36070 | High | 7.3 | — | 2022-09-07 | Poetry is a dependency manager for Python. |