Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.6.1-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.6.1-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-33155 DESCRIPTION: DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle...

CVE-2026-33155

A flaw was found in DeepDiff. A remote attacker could exploit a vulnerability in the RestrictedUnpickler component, which fails to limit constructor arguments for certain data types. By providing a specially crafted, small pickle payload, an attacker can force the application to allocate an...

Linux Distros Unpatched Vulnerability : CVE-2026-33155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle unpickler...

DeepDiff 资源管理错误漏洞

DeepDiff is a Python library developed by Sep Dehpour. Versions of DeepDiff from 5.0.0 to 8.6.2 had a resource management vulnerability. This vulnerability stemmed from the lack of restrictions on constructor parameters by the RestrictedUnpickler, which could lead to excessive memory consumption...

aana (>=0.2.1 <=0.2.2), acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9) +492 more potentially affected by CVE-2026-33155 via deepdiff (>=5.0.1 <=8.6.1)

deepdiff PYPI version =5.0.1, =0.2.1, =0.1.7, =3.0.0b853, =0.1.0, =0.0.1, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =1.0.0, =2.8.5, =0.1.6, =0.2.0 and more Source cves: CVE-2026-33155 Source advisory: SNYK:PYTHON-DEEPDIFF-15692487...

Security Bulletin: Vulnerability in DeepDiff affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in DeepDiff has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

SUSE CVE-2025-58367

DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...

CVE-2025-58367

DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...

CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution

DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...

CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution

DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...

aana (>=0.2.1 <=0.2.2), acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9) +487 more potentially affected by CVE-2025-58367 via deepdiff (>=5.0.1 <=8.6.0)

deepdiff PYPI version =5.0.1, =0.2.1, =0.1.7, =3.0.0b853, =0.1.0, =0.0.1, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =1.0.0, =2.8.5, =0.1.6, =0.2.0 and more Source cves: CVE-2025-58367 Source advisory: SNYK:PYTHON-DEEPDIFF-12485343...

GHSA-MW26-5G2V-HQW3 DeepDiff Class Pollution in Delta class leading to DoS, Remote Code Execution, and more

Summary Python class pollution is a novel vulnerability categorized under CWE-915. The Delta class is vulnerable to class pollution via its constructor, and when combined with a gadget available in DeltaDiff itself, it can lead to Denial of Service and Remote Code Execution via insecure Pickle...

aana (>=0.2.1 <=0.2.2), acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9) +487 more potentially affected by CVE-2025-58367 via deepdiff (>=5.0.1 <=8.6.0)

deepdiff PYPI version =5.0.1, =0.2.1, =0.1.7, =3.0.0b853, =0.1.0, =0.0.1, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =1.0.0, =2.8.5, =0.1.6, =0.2.0 and more Source cves: CVE-2025-58367 Source advisory: OSV:GHSA-MW26-5G2V-HQW3...