Lucene search
K

8 matches found

OSV
OSV
added 2 days ago12 views

ROOT-APP-PYPI-CVE-2026-47265 CVE-2026-47265 in rootio-aiohttp - Patched by Root

Root has patched CVE-2026-47265 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

8.7CVSS5.2AI score0.0015EPSS
Exploits0
OSV
OSV
added 2026/06/05 3:48 p.m.8 views

OESA-2026-2562 python-aiohttp security update

Async http client/server framework asyncio. Security Fixes: Most applications using this function will be doing so with the user's own data, so this is unlikely to affect many applications.CVE-2026-34993 If a developer uses the cookies parameter on a per-request basis then sensitive data might be...

8.7CVSS5.5AI score0.0015EPSS
Exploits0References3
Wolfi
Wolfi
added 2026/06/04 7:48 p.m.30 views

CVE-2026-47265 vulnerabilities

Vulnerabilities for packages: checkov, airflow, dask-kubernetes, kubeflow-katib, open-webui...

8.7CVSS6.1AI score0.0015EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/04 7:17 p.m.16 views

CVE-2026-47265 vulnerabilities

Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, keep, request-1276, datahub-ingestion, tritonserver-backend-vllm-cuda-13.0, lmcache-cuda-12.8, text-generation-inference, py3-vllm-cuda-12.4, dask-kubernetes-fips, awx, gitlab-cng-fips, litellm, vllm-cuda-13.2, py3-vllm-cuda-13.0,...

8.7CVSS6.1AI score0.0015EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/04 12:9 a.m.19 views

CVE-2026-47265

A flaw was found in AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python. This vulnerability allows a remote attacker to potentially gain access to sensitive information. When a developer uses the cookies parameter on a per-request basis, cookies are sent after following a...

8.7CVSS5.7AI score0.0015EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/06/03 9:34 p.m.14 views

227checkergenerator (>=1.0.0 <=1.0.1), 5mghost-rover (>=0.0.1 <=0.0.3) +1701 more potentially affected by CVE-2026-47265 via aiohttp (>=3.0.0b0 <=3.13.5)

aiohttp PYPI version =3.0.0b0, =1.0.0, =0.0.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.6.0, =0.0.0, =0.0.2, =0.0.3 and more Source cves: CVE-2026-47265 Source advisory: SNYK:PYTHON-AIOHTTP-17146580...

8.7CVSS5.7AI score0.0015EPSS
Exploits0
Circl
Circl
added 2026/06/02 8:44 p.m.13 views

CVE-2026-47265

creationtimestamp| type| source ---|---|--- 2026-06-02 20:44:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndhkudytl24 2026-06-03 23:40:58+00:00| seen| https://gist.github.com/alon710/9df1d7e2f4cb5ed041eded527313ebbc...

8.7CVSS5.7AI score0.0015EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 6:32 p.m.91 views

CVE-2026-47265

AIOHTTP prior to 3.14.0 is vulnerable: cookies provided via the cookies parameter on per-request calls are sent after following a cross-origin redirect, which may leak sensitive data if an attacker can control the redirect. Version 3.14.0 patches the issue. As a workaround, using a Cookie header ...

8.7CVSS5.8AI score0.0015EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder