Lucene search
K

14 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 7:56 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses lxml-6.0.0-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-41066

Summary IBM Maximo Application Suite - Visual Inspection component uses lxml-6.0.0-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-41066, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details...

7.5CVSS5.8AI score0.00324EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Amazon Linux 2023 : python3-lxml (ALAS2023-2026-1678)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1678 advisory. lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input t...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/19 12:0 a.m.8 views

Security update for python-lxml (moderate)

openSUSE security update: security update for python-lxml ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20737-1 Rating: moderate References: bsc1263254 Cross-References: CVE-2026-41066 CVSS scores: CVE-2026-41066 SUSE : 5.9...

6CVSS5.8AI score0.00324EPSS
Exploits1References1
Amazon
Amazon
added 2026/05/14 12:0 a.m.17 views

Important: python-lxml

Issue Overview: lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input to read local files. Setting the resolveentities option explicitly to...

7.5CVSS5.8AI score0.00324EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.11 views

TencentOS Server 4: python-lxml (TSSA-2026:0288)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0288 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS5.9AI score0.00324EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.10 views

Amazon Linux 2 : python-lxml, --advisory ALAS2-2026-3297 (ALAS-2026-3297)

The version of python-lxml installed on the remote host is prior to 3.2.1-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3297 advisory. lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References4
OSV
OSV
added 2026/05/11 10:11 a.m.5 views

OPENSUSE-SU-2026:20737-1 Security update for python-lxml

This update for python-lxml fixes the following issue - CVE-2026-41066: Information disclosure via untrusted XML input leading to local file read bsc1263254...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2026/05/06 12:10 a.m.11 views

CVE-2026-41066 affecting package python-lxml for versions less than 4.9.3-2

CVE-2026-41066 affecting package python-lxml for versions less than 4.9.3-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00324EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.5 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-41066)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-41066 advisory. - lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References1
OSV
OSV
added 2026/04/25 5:48 a.m.7 views

OESA-2026-2012 python-lxml security update

\ Security Fixes: lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input to read local files. Setting the resolveentities option explicitly to...

7.5CVSS5.4AI score0.00324EPSS
Exploits1References2
OSV
OSV
added 2026/04/25 5:48 a.m.5 views

OESA-2026-2008 python-lxml security update

\ Security Fixes: lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input to read local files. Setting the resolveentities option explicitly to...

7.5CVSS5.4AI score0.00324EPSS
Exploits1References2
OSV
OSV
added 2026/04/24 5:16 p.m.8 views

ALPINE-CVE-2026-41066

lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input to read local files. Setting the resolveentities option explicitly to resolveentities='internal' ...

7.5CVSS5.4AI score0.00324EPSS
Exploits1References1
Chainguard
Chainguard
added 2026/04/22 7:17 p.m.10 views

CVE-2026-41066 vulnerabilities

Vulnerabilities for packages: authentik-fips, open-webui, datahub-ingestion, synapse, authentik, kubeflow-pipelines-visualization-server, nemo, datadog-agent-fips, label-studio, airflow, datahub-ingestion-fips, datadog-agent...

7.5CVSS5.9AI score0.00324EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/21 8:38 p.m.9 views

a-mailx (=0.1.0), acdh-xml-validator (>=0.1.0 <=1.1.0) +314 more potentially affected by CVE-2026-41066 via lxml (>=6.0.0 <=6.0.4)

lxml PYPI version =6.0.0, =0.1.0, =0.1.3, =0.1.0, =3.0.7, =1.6.6, =1.44.2, =1.0.0, =0.0.1, =2026.5.23, =25.11.0, =0.1.1, =0.3.3, =0.3.7 and more Source cves: CVE-2026-41066 Source advisory: SNYK:PYTHON-LXML-16119103...

7.5CVSS5.7AI score0.00324EPSS
Exploits1
Rows per page
Query Builder