Security Bulletin: Vulnerability in DiskCache with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage includes DiskCache python-diskcache. Following vulnerability can achieve arbitrary code execution. CVE-2025-69872. Vulnerability Details CVEID:CVE-2025-69872 DESCRIPTION: DiskCache python-diskcache through 5.6.3 uses Python...

[SECURITY] Fedora 42 Update: python-diskcache-5.6.3-12.fc42

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

[SECURITY] Fedora 43 Update: python-diskcache-5.6.3-12.fc43

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

[SECURITY] Fedora 44 Update: python-diskcache-5.6.3-12.fc44

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

Fedora 42 : python-diskcache (2026-9e5037f4e6)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9e5037f4e6 advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora: Security Advisory (FEDORA-2026-319d85836c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-9e5037f4e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : python-diskcache (2026-319d85836c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-319d85836c advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora 44 : python-diskcache (2026-56264d0a56)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-56264d0a56 advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Linux Distros Unpatched Vulnerability : CVE-2025-69872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve...

a-simple-llm-kit (>=0.3.0 <=0.4.2), a62-emotion (>=0.9.2 <=0.11.4) +3482 more potentially affected by CVE-2025-69872 via diskcache (>=2.4.1 <=5.6.3)

diskcache PYPI version =2.4.1, =0.3.0, =0.9.2, =0.1.0, =0.2.1, =0.1.1.dev1, =0.3.4, =0.1.1, =0.3.3, =0.0.2, =20260210.0.0, =20260212.0.0 and more Source cves: CVE-2025-69872 Source advisory: OSV:GHSA-W8V5-VHQR-4H9V...

DiskCache has unsafe pickle deserialization

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

DEBIAN-CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

UBUNTU-CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

a-simple-llm-kit (>=0.3.0 <=0.4.2), a62-emotion (>=0.9.2 <=0.11.4) +3482 more potentially affected by CVE-2025-69872 via diskcache (>=2.4.1 <=5.6.3)

diskcache PYPI version =2.4.1, =0.3.0, =0.9.2, =0.1.0, =0.2.1, =0.1.1.dev1, =0.3.4, =0.1.1, =0.3.3, =0.0.2, =20260210.0.0, =20260212.0.0 and more Source cves: CVE-2025-69872 Source advisory: SNYK:PYTHON-DISKCACHE-15268422...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

CVE-2025-69872

CVE-2025-69872 affects DiskCache (python-diskcache) up to version 5.6.3, where default pickle-based serialization can lead to arbitrary code execution when a victim application reads from a cache directory that has been written to by an attacker with write access. The provided documents confirm t...