
39 matches found

OSV
added yesterday, 4 views

ROOT-APP-PYPI-CVE-2026-25990 CVE-2026-25990 in rootio-pillow - Patched by Root

Root has patched CVE-2026-25990 in the rootio-pillow package for Root:PyPI. Multiple fixed versions available...

CVSS 7.5, AI score 5.9, EPSS 0.0037
Exploits: 1
IBM Security Bulletins
added 2026/04/14 3:6 p.m., 7 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Out-of-bounds Write in Python Pillow [CVE-2026-25990]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Out-of-bounds Write in Python Pillow, due to an issue that allows this condition to be triggered through the loading of a specially crafted PSD image CVE-2026-25990. Python Pillow is used in our speech service runtimes. This...

CVSS 8.6, AI score 5.9, EPSS 0.0037
Exploits: 1, Affected Software: 1
Tenable Nessus
added 2026/04/05 12:0 a.m., 4 views

openSUSE 16 Security Update : python-Pillow (openSUSE-SU-2026:20458-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2026:20458-1 advisory. - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125 Tenable has extracted the preceding description...

CVSS 8.6, AI score 6.8, EPSS 0.0037
Exploits: 1, References: 3
OPENSUSE Linux
added 2026/04/04 12:0 a.m., 2 views

Security update for python-Pillow (important)

openSUSE security update: security update for python-pillow ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20458-1 Rating: important References: bsc1258125 Cross-References: CVE-2026-25990 CVSS scores: CVE-2026-25990 SUSE : 7.5...

CVSS 8.7, AI score 6, EPSS 0.0037
Exploits: 1, References: 1
IBM Security Bulletins
added 2026/03/30 7:17 a.m., 7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pillow-12.1.0-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-25990.

Summary IBM Maximo Application Suite - Monitor Component uses pillow-12.1.0-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-25990. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25990 DESCRIPTION: Pillow is...

CVSS 8.6, AI score 6, EPSS 0.0037
Exploits: 1, Affected Software: 1
OpenVAS
added 2026/03/03 12:0 a.m., 6 views

Fedora: Security Advisory (FEDORA-2026-0d673fa503)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.6, AI score 6, EPSS 0.0037
Exploits: 1, References: 4
Tenable Nessus
added 2026/02/23 12:0 a.m., 7 views

Debian dsa-6147 : python-pil-doc - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6147 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6147-1 [email protected] https://www.debian.org/security/ Moritz...

CVSS 8.6, AI score 6.1, EPSS 0.0037
Exploits: 1, References: 4
Debian
added 2026/02/20 7:20 p.m., 7 views

[SECURITY] [DSA 6147-1] pillow security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6147-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 20, 2026 https://www.debian.org/security/faq -...

CVSS 8.6, AI score 6.1, EPSS 0.0037
Exploits: 1
OpenVAS
added 2026/02/19 12:0 a.m., 4 views

Ubuntu: Security Advisory (USN-8047-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.6, AI score 5.5, EPSS 0.0037
Exploits: 1, References: 2
Tenable Nessus
added 2026/02/18 12:0 a.m., 5 views

Fedora 43 : python-pillow (2026-9f517a7495)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9f517a7495 advisory. Backport fix for CVE-2026-25990. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

CVSS 8.6, AI score 5.6, EPSS 0.0037
Exploits: 1, References: 2
Wolfi
added 2026/02/13 1:48 a.m., 5 views

CVE-2026-25990 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server, mlflow, superset...

CVSS 8.6, AI score 6.6, EPSS 0.0037
Exploits: 1
RedhatCVE
added 2026/02/11 10:24 p.m., 4 views

CVE-2026-25990

A flaw was found in the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure. Mitigation Mitigation for this issue is either not available or the currently...

CVSS 9.3, AI score 6.4, EPSS 0.0037
Exploits: 1, References: 5
Tenable Nessus
added 2026/02/11 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-25990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This...

CVSS 9.3, AI score 5.4, EPSS 0.0037
Exploits: 1, References: 2
Positive Technologies
added 2026/02/11 12:0 a.m., 3 views

PT-2026-7584

Name of the Vulnerable Software and Affected Versions Pillow versions 10.3.0 through 12.1.0 Description Pillow is a Python imaging library. An out-of-bounds write issue can occur when loading a specially crafted PSD image. This flaw exists within Pillow’s Photoshop Document PSD handler. The issue...

CVSS 9.8, AI score 5.4, EPSS 0.0037
Exploits: 2, References: 71
RedhatCVE
added 2025/02/16 12:27 a.m., 13 views

CVE-2025-25990

Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component...

CVSS 6.1, AI score 6, EPSS 0.0026
Exploits: 1, References: 1
OSV
added 2025/02/14 5:15 p.m., 12 views

CVE-2025-25990

Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component...

CVSS 6.1, AI score 6.2, EPSS 0.0026
Exploits: 1, References: 1
NVD
added 2025/02/14 5:15 p.m., 19 views

CVE-2025-25990

Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component...

CVSS 6.1, EPSS 0.0026
Exploits: 1, References: 1
Vulnrichment
added 2025/02/14 12:0 a.m., 4 views

CVE-2025-25990

Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive information via the /install/index.php component...

AI score 6.1, EPSS 0.0026
Exploits: 1, References: 1
CVE
added 2025/02/14 12:0 a.m., 83 views

CVE-2025-25990

CVE-2025-25990 affects HooskCms v1.7.1. A placeholder/XSS vulnerability in the /install/index.php component allows a remote attacker to obtain sensitive information. The issue is confirmed across multiple sources; no patch version is specified in the provided documents. Remediation guidance found...

CVSS 6.1, AI score 6.1, EPSS 0.0026
Exploits: 1, References: 1, Affected Software: 1
Circl
added 2024/03/11 8:26 p.m., 2 views

CVE-2024-25990

creationtimestamp | type | source
---|---|---
2024-03-11 20:26:58+00:00 | seen | https://t.me/ctinow/205038...

CVSS 6.4, AI score 4.8, EPSS 0.00077
Exploits: 0, References: 1