Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

241 matches found

Tenable Nessus
Tenable Nessusadded 3 days ago6 views

Oracle Linux 9 : python3.9 (ELSA-2026-18693)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18693 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-167919, RHEL-168161 - Security fix for CVE-2026-4519 Resolves: RHEL-158117 Tenable has...

9.1CVSS7AI score0.00517EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2026/06/16 7:53 a.m.5 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS6.5AI score0.00216EPSS
Exploits0References7
OSV
OSVadded 2026/06/15 3:21 p.m.1 views

ROOT-OS-DEBIAN-12-CVE-2026-4519 CVE-2026-4519 in rootio-python3.11 - Patched by Root

Root has patched CVE-2026-4519 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...

3.3CVSS5.9AI score0.00216EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2026/06/01 1:40 a.m.17 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS7.3AI score0.00216EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/05/28 7:32 a.m.10 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS7AI score0.00216EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.11 views

RockyLinux 8 : python3 (RLSA-2026:6473)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6473 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...

7CVSS6.8AI score0.00216EPSS
Exploits0References3
Rockylinux
Rockylinuxadded 2026/05/21 4:24 p.m.13 views

python3 security update

An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...

7CVSS5.8AI score0.00216EPSS
Exploits0
OSV
OSVadded 2026/05/21 4:24 p.m.7 views

RLSA-2026:6473 Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS5.8AI score0.00216EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2026/05/20 10:23 a.m.9 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS7AI score0.00216EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2026/05/20 12:0 a.m.19 views

Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2026-1638)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1638 advisory. Mitgation of CVE-2026-4519 was incomplete. If the URL contained %action the mitigation could be bypassed for certain browser types the webbrowser.open API could have commands injected into the...

9.1CVSS6AI score0.00517EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2026/05/19 7:1 p.m.8 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS7AI score0.00216EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/05/19 6:28 p.m.8 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS7AI score0.00216EPSS
Exploits0References7
AlmaLinux
AlmaLinuxadded 2026/05/19 12:0 a.m.13 views

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.1CVSS7.3AI score0.00517EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2026/05/14 12:0 a.m.16 views

Amazon Linux 2 : python3, --advisory ALAS2-2026-3281 (ALAS-2026-3281)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3281 advisory. Mitgation of CVE-2026-4519 was incomplete. If the URL contained %action the mitigation could be bypassed for certain...

9.1CVSS5.8AI score0.00517EPSS
Exploits0References6
Amazon
Amazonadded 2026/05/14 12:0 a.m.15 views

Important: python3

Issue Overview: Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details. CVE-2026-4786 Use-after-free UAF wa...

9.1CVSS7.5AI score0.00517EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2026/05/07 5:25 a.m.8 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS6AI score0.00216EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/05/07 4:55 a.m.13 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS6AI score0.00216EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/05/07 4:51 a.m.15 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS6.7AI score0.00216EPSS
Exploits0References7
Oracle linux
Oracle linuxadded 2026/05/07 12:0 a.m.9 views

python security update

2.6.6-68.0.6 - Fix CVE-2026-4519 Orabug: 39253111...

5.9CVSS7.1AI score0.00315EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/05/07 12:0 a.m.7 views

TencentOS Server 2: python3 (TSSA-2026:0282)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0282 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

7CVSS5.9AI score0.00216EPSS
Exploits0References2
Rows per page
Query Builder