Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection

Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30,...

RockyLinux 8 : python3 (RLSA-2025:14560)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14560 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the RockyLinux security...

CVE-2026-8194

creationtimestamp| type| source ---|---|--- 2026-05-09 22:05:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlhaua5h5m2i...

CVE-2026-8194

A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argument method leads to cross-site request forgery. Remote exploitation of the attack is possible. Th...

CVE-2026-8194

A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argument method leads to cross-site request forgery. Remote exploitation of the attack is possible. Th...

CLSA-2026-1777944042 Fix CVE(s): CVE-2025-8194, CVE-2026-4519, CVE-2026-4786

SECURITY UPDATE: tarfile DoS via negative member offsets - debian/patches/CVE-2025-8194.patch: validate that member offsets are non-negative in Lib/tarfile.py. - CVE-2025-8194 SECURITY UPDATE: webbrowser.open accepts URLs with leading dashes - debian/patches/CVE-2026-4519-CVE-2026-4786.patch:...

ROOT-OS-DEBIAN-12-CVE-2025-8194 CVE-2025-8194 in rootio-python3.11 - Patched by Root

Root has patched CVE-2025-8194 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2025-8194 CVE-2025-8194 in rootio-python3.13 - Patched by Root

Root has patched CVE-2025-8194 in the rootio-python3.13 package for Root:Debian:13. Multiple fixed versions available...

Oracle Linux 7 : python3 (ELSA-2026-6464)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6464 advisory. - Security update CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 Orabug: 39159999 - Security update CVE-2025-12084 Orabug: 38971895 - tarfile now...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.5)

The version of AHV installed on the remote host is prior to AHV-10.0.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.5 advisory. - A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata...

python: Fix of CVE-2025-8194

CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative...

CLSA-2026-1772576551 python: Fix of CVE-2025-8194

CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative...

SUSE: Security Advisory (SUSE-SU-2026:20125-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 9 : python3.11-3.11.11-2.el9_6.2 (AXSA:2025-10821:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10821:09 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1036)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 8 : python39:3.9 (AXSA:2025-10818:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10818:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 cpython: Cpython infinite loop when parsing a tarfile...

MiracleLinux 8 : python3.12-3.12.11-2.el8_10 (AXSA:2025-10803:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10803:10 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : python3.9-3.9.21-2.el9_6.2 (AXSA:2025-10822:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10822:03 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python3-3.6.8-71.el8_10.ML.1 (AXSA:2025-10807:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10807:03 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : python3-3.6.8-21.0.5.0.1.el7.AXS7 (AXSA:2025-11016:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11016:07 advisory. Bump package Release to 21.0.5 CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative CVEs: CVE-2025-8194 There is a defect in...