
24 matches found

IBM Security Bulletins
added yesterday, 3 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432

Summary IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION:...

CVSS: 8.9, AI score: 6.1, EPSS: 0.00527
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added yesterday, 3 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities (CVE-2026-44431, CVE-2026-44432)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client...

CVSS: 8.9, AI score: 6.1, EPSS: 0.00527
Exploits: 0, Affected Software: 1

OSV
added yesterday, 4 views

ALSA-2026:32992 Important: python3.12-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS: 8.9, AI score: 5.8, EPSS: 0.00527
Exploits: 0, References: 6

AlmaLinux
added yesterday, 4 views

Important: python3.12-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS: 8.9, AI score: 6.1, EPSS: 0.00527
Exploits: 0, References: 6

IBM Security Bulletins
added 4 days ago, 3 views

Security Bulletin: There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-44431)

Summary There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followe...

CVSS: 8.9, AI score: 5.8, EPSS: 0.00527
Exploits: 0, Affected Software: 1

Rockylinux
added 6 days ago, 9 views

python-urllib3 security update

An update is available for python-urllib3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Python is an interpreted, interactive, object-oriented programming...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0

Tenable Nessus
added 6 days ago, 7 views

RockyLinux 9 : python-urllib3 (RLSA-2026:28158)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:28158 advisory. urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-44432 urllib3: urllib3: Information disclosure via cross-origi...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0, References: 5

Tenable Nessus
added 6 days ago, 8 views

RockyLinux 9 : python3.12-urllib3 (RLSA-2026:28159)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:28159 advisory. urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-44432 urllib3: urllib3: Information disclosure via cross-origi...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0, References: 5

RedHat Linux
added 2026/06/23 10:55 a.m., 8 views

Important: Red Hat Security Advisory: python3.14-urllib3 security update

An update for python3.14-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0, References: 5

RedHat Linux
added 2026/06/23 10:51 a.m., 4 views

Important: Red Hat Security Advisory: python3.12-urllib3 security update

An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0, References: 5

Tenable Nessus
added 2026/06/23 12:0 a.m., 4 views

RHEL 9 : python3.14-urllib3 (RHSA-2026:28157)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:28157 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0, References: 8

Tenable Nessus
added 2026/06/22 12:0 a.m., 5 views

CentOS 9 : python-urllib3-1.26.5-8.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the python-urllib3-1.26.5-8.el9 build changelog. - urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API v...

CVSS: 8.9, AI score: 5.9, EPSS: 0.00527
Exploits: 0, References: 3

OSV
added 2026/06/22 12:0 a.m., 3 views

ALSA-2026:27929 Important: python3.14-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS: 8.9, AI score: 5.8, EPSS: 0.00527
Exploits: 0, References: 6

OSV
added 2026/06/08 2:58 p.m., 3 views

CLEANSTART-2026-NN42198 Security fixes for CVE-2024-35195, CVE-2024-47081, CVE-2025-8869, CVE-2026-1703, CVE-2026-25645, CVE-2026-3219, CVE-2026-44431, CVE-2026-44432, CVE-2026-45409, CVE-2026-48710, CVE-2026-6357, ghsa-58qw-9mgm-455v, ghsa-65pc-fj4g-8rjx, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 1.25.2-r0, 2.2.3-r0, 2.2.3-r1

Multiple security vulnerabilities affect the k8s-sidecar package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS: 8.9, AI score: 6.5, EPSS: 0.01438
Exploits: 4, References: 28

OSV
added 2026/05/22 6:10 a.m., 7 views

BELL-CVE-2026-44432

Bulletin has no description...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00388
Exploits: 0, References: 1

RedhatCVE
added 2026/05/21 2:11 p.m., 9 views

CVE-2026-44432

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

CVSS: 8.9, AI score: 5.8, EPSS: 0.00388
Exploits: 0, References: 4

OSV
added 2026/05/18 12:58 p.m., 5 views

CLEANSTART-2026-QK55639 Security fixes for CVE-2026-44431, CVE-2026-44432, CVE-2026-6357, ghsa-gc5v-m9x4-r6x2, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 26.1.0.0-r1

Multiple security vulnerabilities affect the miniforge3 package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS: 8.9, AI score: 5.8, EPSS: 0.00527
Exploits: 0, References: 11

OSV
added 2026/05/18 12:58 p.m., 10 views

CLEANSTART-2026-HZ86045 Security fixes for CVE-2026-44431, CVE-2026-44432, CVE-2026-6357, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 26.1.1.0-r0

Multiple security vulnerabilities affect the miniforge3 package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS: 8.9, AI score: 6.3, EPSS: 0.00527
Exploits: 0, References: 10

Tenable Nessus
added 2026/05/14 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2026-44432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during...

CVSS: 8.9, AI score: 5.5, EPSS: 0.00388
Exploits: 0, References: 3

vulnersOsv
added 2026/05/13 4:16 p.m., 8 views

360solutions-bc-mcp (=0.5.3), advanced-yaml (>=0.3.4 <=0.4.3) +308 more potentially affected by CVE-2026-44432 via urllib3 (>=2.6.0 <=2.6.3)

urllib3 PYPI version =2.6.0, =0.3.4, =0.1.0, =0.5.0, =0.24.2, =0.5.0, =1.0.5, =26.1.0, =26.5.0b1, =0.7.0, =0.45.0, =0.2.6, =0.8.0 - auditize =0.10.0 - authutils =7.2.0 and more Source cves: CVE-2026-44432 Source advisory: OSV:PYSEC-2026-142...

CVSS: 8.9, AI score: 5.4, EPSS: 0.00388
Exploits: 0