urllib3 — CVE history (PyPI)
urllib3
11 CVEs affect the urllib3 PyPI package (highest CVSS 7.5). Latest disclosed: 2026-05-13. Full CVE history sourced from NVD.
Summary
- Package
urllib3(PyPI)- Total CVEs
11- Actively exploited (CISA KEV)
- 0
- Highest CVSS
7.5- Latest disclosed
- 2026-05-13
Recent CVEs (top 11)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2026-44432 | High | 7.5 | — | 2026-05-13 | urllib3 is an HTTP client library for Python. |
CVE-2026-44431 | Medium | 5.3 | — | 2026-05-13 | urllib3 is an HTTP client library for Python. |
CVE-2026-21441 | — | — | — | 2026-01-07 | urllib3 is an HTTP client library for Python. |
CVE-2025-66471 | — | — | — | 2025-12-05 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2025-66418 | — | — | — | 2025-12-05 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2025-50182 | Medium | 5.3 | — | 2025-06-19 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2025-50181 | Medium | 5.3 | — | 2025-06-19 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2024-37891 | Medium | 4.4 | — | 2024-06-17 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2023-45803 | Medium | 4.2 | — | 2023-10-17 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2023-43804 | Medium | 5.9 | — | 2023-10-04 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2016-9015 | Low | 3.7 | — | 2017-01-11 | Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. |
All-time worst (top 8 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2026-44432 | High | 7.5 | — | 2026-05-13 | urllib3 is an HTTP client library for Python. |
CVE-2023-43804 | Medium | 5.9 | — | 2023-10-04 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2026-44431 | Medium | 5.3 | — | 2026-05-13 | urllib3 is an HTTP client library for Python. |
CVE-2025-50182 | Medium | 5.3 | — | 2025-06-19 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2025-50181 | Medium | 5.3 | — | 2025-06-19 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2024-37891 | Medium | 4.4 | — | 2024-06-17 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2023-45803 | Medium | 4.2 | — | 2023-10-17 | urllib3 is a user-friendly HTTP client library for Python. |
CVE-2016-9015 | Low | 3.7 | — | 2017-01-11 | Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. |