Photon OS 5.0: Python3 PHSA-2026-5.0-0862

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0862. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1666)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1666 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1654)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1654 advisory. pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferr...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1665)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1665 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...

CLEANSTART-2026-QK55639 Security fixes for CVE-2026-44431, CVE-2026-44432, CVE-2026-6357, ghsa-gc5v-m9x4-r6x2, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 26.1.0.0-r1

Multiple security vulnerabilities affect the miniforge3 package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-HZ86045 Security fixes for CVE-2026-44431, CVE-2026-44432, CVE-2026-6357, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 26.1.1.0-r0

Multiple security vulnerabilities affect the miniforge3 package. These issues are resolved in later releases. See references for individual vulnerability details...

Important: python-pip

Issue Overview: pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update...

CVE-2026-6357 vulnerabilities

Vulnerabilities for packages: datadog-agent, tensorflow-cpu-jupyter, kubeflow-katib, pypy-3.10, py3-pip...

Linux Distros Unpatched Vulnerability : CVE-2026-6357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These...

CVE-2026-6357

creationtimestamp| type| source ---|---|--- 2026-04-27 20:57:33+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkixil2wqr2j 2026-05-07 12:00:58+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlb66cgbnt23...

aaanalysis (>=0.1.2 <=1.0.2), aadetools (>=0.0.3 <=0.0.5) +587 more potentially affected by CVE-2026-6357 via pip (>=10.0.0b2 <=26.0.1)

pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2026-6357 Source advisory: OSV:GHSA-JP4C-XJXW-MGF9...

CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

UBUNTU-CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2023-6357

creationtimestamp| type| source ---|---|--- 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

MINI-WX99-6357-C35P

Bulletin has no description...

CVE-2025-6357

creationtimestamp| type| source ---|---|--- 2025-06-20 17:46:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19005...

CVE-2025-6357 code-projects Simple Pizza Ordering System paymentportal.php sql injection

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible to launch the attack remotely. The exploi...

CVE-2020-6357

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...