
57442 matches found

Positive Technologies
added 2026/05/18 12:0 a.m., 6 views

PT-2026-41734

Name of the Vulnerable Software and Affected Versions: amazon-redshift-python-driver versions prior to 2.1.14. Description: Unsafe use of Python's eval function on data received from a server within the vector in function allows a rogue server or man-in-the-middle actor to execute arbitrary code on...

CVSS 9.8, AI score 6.2, EPSS 0.00076
Exploits: 1, References: 11
Tenable Nessus
added 2026/05/18 12:0 a.m., 6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-021488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021488 advisory. In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to RequestHandler.set_cookie were not checked for...

CVSS 7.2, AI score 5.8, EPSS 0.00018
Exploits: 0, References: 4
Fedora
added 2026/05/17 1:27 a.m., 12 views

[SECURITY] Fedora 44 Update: pypy-7.3.22-2.fc44

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types (strings, dictionaries, etc.). This build of PyPy has JIT-compilation enabled...

CVSS 4.6, AI score 5.8, EPSS 0.00018
Exploits: 0
Fedora
added 2026/05/17 1:27 a.m., 14 views

[SECURITY] Fedora 44 Update: python-jupytext-1.19.1-4.fc44

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

CVSS 9.8, AI score 6.5, EPSS 0.00053
Exploits: 2
Fedora
added 2026/05/17 1:5 a.m., 11 views

[SECURITY] Fedora 42 Update: python-jupytext-1.19.1-4.fc42

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

CVSS 9.8, AI score 6.5, EPSS 0.00053
Exploits: 2
Tenable Nessus
added 2026/05/17 12:0 a.m., 5 views

Fedora 43 : python-uv-build / rust-astral-tokio-tar / uv (2026-a8100094df)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-a8100094df advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA-...

AI score 5.8
Exploits: 0, References: 1
Tenable Nessus
added 2026/05/17 12:0 a.m., 12 views

Fedora 44 : python-uv-build / rust-astral-tokio-tar / uv (2026-7aacc8ea7d)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-7aacc8ea7d advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA-...

AI score 5.8
Exploits: 0, References: 1
Tenable Nessus
added 2026/05/17 12:0 a.m., 5 views

Fedora 44 : python-jupytext (2026-301cbbe347)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-301cbbe347 advisory. This update contains upgrades to various npm packages used during the build to address CVEs, namely: - CVE-2025-69873 ajv - CVE-2026-0540 DOMPurify ...

CVSS 9.8, AI score 6.5, EPSS 0.00053
Exploits: 2, References: 7
Tenable Nessus
added 2026/05/17 12:0 a.m., 8 views

Fedora 42 : python-uv-build / rust-astral-tokio-tar / uv (2026-8d8aee6aaf)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8d8aee6aaf advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA-xx64-wwv2-hcqq and GHSA-...

AI score 5.8
Exploits: 0, References: 1
NVD
added 2026/05/16 4:16 p.m., 7 views

CVE-2021-47952

python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during...

CVSS 9.8, EPSS 0.004
Exploits: 0, References: 4
UbuntuCve
added 2026/05/16 4:16 p.m., 5 views

CVE-2021-47952

python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during...

CVSS 9.8, AI score 6.6, EPSS 0.004
Exploits: 0, References: 5
OSV
added 2026/05/16 3:39 p.m., 3 views

CLSA-2026-1778880543 python3: Fix of CVE-2024-4032

CVE-2024-4032: fix incorrect is_private/is_global ranges in ipaddress module...

CVSS 7.5, AI score 6.8, EPSS 0.01127
Exploits: 0, References: 1
Vulnrichment
added 2026/05/16 3:26 p.m., 4 views

CVE-2021-47952 python jsonpickle 2.0.0 Remote Code Execution via py/repr

python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during...

CVSS 9.8, AI score 6.7, EPSS 0.004
Exploits: 0, References: 4
Cvelist
added 2026/05/16 3:26 p.m., 24 views

CVE-2021-47952 python jsonpickle 2.0.0 Remote Code Execution via py/repr

python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. Attackers can craft JSON strings with py/repr directives that invoke the eval function during...

CVSS 9.8, EPSS 0.004
Exploits: 0, References: 4
GithubExploit
added 2026/05/16 2:36 a.m., 59 views

Exploit for CVE-2026-45672

CVE-2026-45672 Overview The Open WebUI platform, designe...

CVSS 8.8, AI score 6.4, EPSS 0.00079
Exploits: 2
RedhatCVE
added 2026/05/16 1:56 a.m., 6 views

CVE-2026-45369

python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...

CVSS 8.3, AI score 5.9, EPSS 0.00015
Exploits: 0, References: 1
OSV
added 2026/05/16 12:0 a.m., 1 views

OPENSUSE-SU-2026:10798-1 python311-urllib3-2.7.0-1.1 on GA media

These are all security issues fixed in the python311-urllib3-2.7.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 8.9, AI score 5.8, EPSS 0.00019
Exploits: 0, References: 1
Tenable Nessus
added 2026/05/16 12:0 a.m., 4 views

SUSE SLES16 Security Update : python-lxml (SUSE-SU-2026:21603-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:21603-1 advisory. This update for python-lxml fixes the following issue - CVE-2026-41066: Information disclosure via untrusted XML input leading to local fil...

CVSS 7.5, AI score 5.8, EPSS 0.0006
Exploits: 1, References: 4
Tenable Nessus
added 2026/05/16 12:0 a.m., 3 views

SUSE SLES15 Security Update : python-Mako (SUSE-SU-2026:1820-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1820-1 advisory. This update for python-Mako fixes the following issue: - CVE-2026-41205: Prior to 1.3.11, TemplateLookup.get_template is vulnerable to path...

CVSS 8.7, AI score 5.9, EPSS 0.00093
Exploits: 0, References: 4
Tenable Nessus
added 2026/05/16 12:0 a.m., 6 views

SUSE SLED15 / SLES15 Security Update : python-Mako (SUSE-SU-2026:1819-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1819-1 advisory. This update for python-Mako fixes the following issue: - CVE-2026-41205: Prior to 1.3.11, TemplateLookup.get_template is...

CVSS 8.7, AI score 5.8, EPSS 0.00093
Exploits: 0, References: 4