39 matches found
CVE-2026-41039
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-21 13:15:34+00:00 | seen | Telegram/ACix-abAkYRIrxjjcZyd26QmemgENFnnxJQy4E1EROVxlgs... |
CVE-2026-41039 Information Disclosure Vulnerability in Quantum Networks Router QN-I-470
This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. Successful...
RHEL 9 : kernel (RHSA-2025:11810)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11810 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/amd/display: Implement...
CVE-2023-41039
RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's "format" functionality allows someone controlling the format string to "read" all objects accessible through recursive attribute lookup and subscription from objects he can access. This can lead to...
Ubuntu: Security Advisory (USN-7355-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-41039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file...
Linux Distros Unpatched Vulnerability : CVE-2023-41039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's format functionality allows someone controlling the format...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
RHEL 9 : kernel (RHSA-2024:9497)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9497 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: fix possible store tearin...
Mageia: Security Advisory (MGASA-2024-0278)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-41039
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that firmware file buffer is large enough for the wmfw header, to prevent overrunning the buffer. The original code tested that the firmware data buffer...
Ubuntu: Security Advisory (USN-6492-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5511-1 : mosquitto - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5511 advisory. Several security vulnerabilities have been discovered in mosquitto, a MQTT compatible message broker, which may be abused for a denial of service attack...
[SECURITY] [DSA 5511-1] mosquitto security update
Debian Security Advisory DSA-5511-1 [email protected] https://www.debian.org/security/ Markus Koschany October 01, 2023 https://www.debian.org/security/faq -...
CVE-2023-41039
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-30 22:12:22+00:00 | seen | https://t.me/cibsecurity/69484... |
a2grunnerp (>=0.1.0 <=0.1.8), dcicsnovault (>=2.0.0b4 <=2.0.0b7) +7 more potentially affected by CVE-2023-41039 via restrictedpython (>=6.0.0 <=6.1.0)
restrictedpython PYPI version =6.0.0, =0.1.0, =2.0.0b4, =0.0.42a3, =2.10.0, =2025.9.5, =0.8.2b36, =4.8.4, =4.8.11 Source cves: CVE-2023-41039 Source advisory: OSV:GHSA-XJW2-6JM9-RF67...
aimmo (>=0.4.0b3098 <=0.27.4b5229), battlehack20 (>=1.0.0 <=1.1.0) +6 more potentially affected by CVE-2023-41039 via restrictedpython (>=4.0.0b4 <=5.2.0)
restrictedpython PYPI version =4.0.0b4, =0.4.0b3098, =1.0.0, =1.0.1, =1.1.1, =0.1.0, =0.3.4, =0.0.41, =0.1047.0, =1.7.36 Source cves: CVE-2023-41039 Source advisory: OSV:GHSA-XJW2-6JM9-RF67...
aimmo (>=0.4.0b3098 <=0.27.4b5229), battlehack20 (>=1.0.0 <=1.1.0) +6 more potentially affected by CVE-2023-41039 via restrictedpython (>=4.0.0b4 <=5.2.0)
restrictedpython PYPI version =4.0.0b4, =0.4.0b3098, =1.0.0, =1.0.1, =1.1.1, =0.1.0, =0.3.4, =0.0.41, =0.1047.0, =1.7.36 Source cves: CVE-2023-41039 Source advisory: OSV:PYSEC-2023-159...
a2grunnerp (>=0.1.0 <=0.1.8), dcicsnovault (>=2.0.0b4 <=2.0.0b7) +7 more potentially affected by CVE-2023-41039 via restrictedpython (>=6.0.0 <=6.1.0)
restrictedpython PYPI version =6.0.0, =0.1.0, =2.0.0b4, =0.0.42a3, =2.10.0, =2025.9.5, =0.8.2b36, =4.8.4, =4.8.11 Source cves: CVE-2023-41039 Source advisory: OSV:PYSEC-2023-159...
CVE-2023-41039 Sandbox escape via various forms of "format" in RestrictedPython
RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's "format" functionality allows someone controlling the format string to "read" all objects accessible through recursive attribute lookup and subscription from objects he can access. This can lead to...