CVE-2026-6357 affecting package python-pip for versions less than 24.2-8

CVE-2026-6357 affecting package python-pip for versions less than 24.2-8. A patched version of the package is available...

Photon OS 5.0: Python3 PHSA-2026-5.0-0862

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0862. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1654)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1654 advisory. pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferr...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1665)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1665 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1666)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1666 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...

CLEANSTART-2026-QK55639 Security fixes for CVE-2026-44431, CVE-2026-44432, CVE-2026-6357, ghsa-gc5v-m9x4-r6x2, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 26.1.0.0-r1

Multiple security vulnerabilities affect the miniforge3 package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-HZ86045 Security fixes for CVE-2026-44431, CVE-2026-44432, CVE-2026-6357, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 26.1.1.0-r0

Multiple security vulnerabilities affect the miniforge3 package. These issues are resolved in later releases. See references for individual vulnerability details...

Important: python-pip

Issue Overview: pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update...

CVE-2026-6357 vulnerabilities

Vulnerabilities for packages: datadog-agent, py3.14-virtualenv, py3-virtualenv, tensorflow-cpu-jupyter, py3-pip, pypy-3.10, kubeflow-katib...

Linux Distros Unpatched Vulnerability : CVE-2026-6357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These...

CVE-2026-6357

creationtimestamp| type| source ---|---|--- 2026-04-27 20:57:33+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkixil2wqr2j 2026-05-07 12:00:58+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlb66cgbnt23...

aaanalysis (>=0.1.2 <=1.0.2), aadetools (>=0.0.3 <=0.0.5) +589 more potentially affected by CVE-2026-6357 via pip (>=10.0.0b2 <=26.0.1)

pip PYPI version =10.0.0b2, =0.1.2, =0.0.3, =0.5.14, =0.1.1, =2.0.0, =0.2.1, =0.1.2, =0.0.1, =0.1.0, =0.1.10, =0.2.0, =0.68.0, =1.8.15, =1.8.17, =1.8.19 and more Source cves: CVE-2026-6357 Source advisory: OSV:GHSA-JP4C-XJXW-MGF9...

CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

UBUNTU-CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2023-6357

creationtimestamp| type| source ---|---|--- 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

MINI-WX99-6357-C35P

Bulletin has no description...

CVE-2025-6357

creationtimestamp| type| source ---|---|--- 2025-06-20 17:46:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19005...

CVE-2025-6357 code-projects Simple Pizza Ordering System paymentportal.php sql injection

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible to launch the attack remotely. The exploi...