[SECURITY] Fedora 43 Update: uv-0.10.12-1.fc43

An extremely fast Python package and project manager, written in Rust. Highlights: =E2=80=A2 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twi ne, virtualenv, and more. =E2=80=A2 10-100x faster than pip. =E2=80=A2 Provides comprehensive project management, with a universal lockf...

SUSE-SU-2026:1062-1 Security update for python310

This update for python310 fixes the following issues: Update to Python 3.10.20: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

RHSA-2026:5218 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

RHEL 10 : python3.12 (RHSA-2026:5315)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5315 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

python313-3.13.12-2.1 on GA media (moderate)

python313-3.13.12-2.1 on GA media Announcement ID: openSUSE-SU-2026:10394-1 Rating: moderate Cross-References: CVE-2026-2297 CVSS scores: CVE-2026-2297 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2026-2297 SUSE : 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N...

OPENSUSE-SU-2026:10398-1 python311-3.11.15-3.1 on GA media

These are all security issues fixed in the python311-3.11.15-3.1 package on the GA media of openSUSE Tumbleweed...

EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2026-1544)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn'...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-006152)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006152 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgradi...

Fedora 43 : python3.10 (2026-41f576f846)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-41f576f846 advisory. Update to 3.10.20 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

TencentOS Server 4: python3.11 (TSSA-2026:0141)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0141 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CLSA-2026-1773323311 python3.11: Fix of CVE-2025-6075

CVE-2025-6075: fix quadratic complexity in os.path.expandvars...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Important) (RHSA-2026:4460)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4460 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

MiracleLinux 9 : python3.12-3.12.12-4.el9_7.1 (AXSA:2026-294:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-294:08 advisory. cpython: IMAP command injection in user-controlled commands CVE-2025-15366 cpython: POP3 command injection in user-controlled commands CVE-2025-15367...

RHEL 9 : python3.9 (RHSA-2026:4168)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4168 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2026-29787

mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.21.0, the /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When...

[SECURITY] Fedora 43 Update: python3.11-3.11.14-5.fc43

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

Amazon Linux 2 : python, --advisory ALAS2-2026-3185 (ALAS-2026-3185)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3185 advisory. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be...

mcp-memory-service Vulnerable to System Information Disclosure via Health Endpoint

Summary The /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When MCPALLOWANONYMOUSACCESS=true is set required for the HTTP server to function without OAuth/API key,...