EulerOS Virtualization 2.13.1 : python-requests (EulerOS-SA-2026-2146)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made...

Astra Linux – Vulnerability in requests

Requests is an HTTP library. Prior to version 2.32.0, when making requests through a Requests Session, if the first request was made with verify=False to disable certificate verification, all subsequent requests to the same host would continue to ignore certificate verification, regardless of...

CVE-2026-29971

A reflected cross-site scripting XSS vulnerability exists in WebFileSys version before 2.32.0 and fixed in v.2.32.0. User-controlled input is reflected into HTML and JavaScript contexts without proper output encoding, allowing arbitrary JavaScript execution in the victim's browser via the ftpBack...

EulerOS 2.0 SP13 : python-requests (EulerOS-SA-2026-1258)

According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=Fal...

EulerOS 2.0 SP13 : python-requests (EulerOS-SA-2026-1294)

According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=Fal...

CVE-2026-27963

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...

CVE-2026-27963

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...

CVE-2026-27963 Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...

CVE-2026-27963

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...

OESA-2025-2809 python-requests security update

Requests is an HTTP library, written in Python, as an alternative to Python's builtin urllib2 which requires work even method overrides to perform basic tasks. Features of Requests: - GET, HEAD, POST, PUT, DELETE Requests: + HTTP Header Request Attachment. + Data/Params Request Attachment. +...

OESA-2025-2807 python-requests security update

Requests is an HTTP library, written in Python, as an alternative to Python's builtin urllib2 which requires work even method overrides to perform basic tasks. Features of Requests: - GET, HEAD, POST, PUT, DELETE Requests: + HTTP Header Request Attachment. + Data/Params Request Attachment. +...

OESA-2025-2806 python-requests security update

Requests is an HTTP library, written in Python, as an alternative to Python's builtin urllib2 which requires work even method overrides to perform basic tasks. Features of Requests: - GET, HEAD, POST, PUT, DELETE Requests: + HTTP Header Request Attachment. + Data/Params Request Attachment. +...

TencentOS Server 3: python-requests (TSSA-2025:0026)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0026 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2025-59480

Mattermost Mobile Apps versions =2.32.0 fail to verify that SSO redirect tokens originate from the trusted server, which allows a malicious Mattermost instance or on-path attacker to obtain user session credentials via crafted token-in-URL responses...

PT-2025-46874

Name of the Vulnerable Software and Affected Versions Mattermost Mobile Apps versions prior to 2.32.0 Description The Mattermost Mobile Apps do not properly validate Single Sign-On SSO redirect tokens to ensure they come from a trusted server. This allows a malicious Mattermost instance or an...

Mattermost Mobile Apps 安全漏洞

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A security vulnerability exists in Mattermost Mobile Apps version 2.32.0 and prior versions, which stems from an unverified SSO redirect token source that could lead to obtaining user session credentials...

EUVD-2024-1565

Malicious code in bioql PyPI...

CVE-2025-52904 File Browser: Command Execution not Limited to Scope

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In versions of the web application on the 2.x branch, all users have a scope assigned, and they only have access to the files within that scope. The...

Canonical Apport 竞争条件问题漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and providing feedback on error messages information that the operating system considers useful when an application crashes. A security vulnerability exists in Canonical Apport version 2.32.0 and earlier, which originates from a...

Amazon Linux 2 : python3-requests (ALAS-2025-2846)

The version of python3-requests installed on the remote host is prior to 2.14.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2846 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is mad...