RLSA-2025:11992 Important: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

EUVD-2025-16246

Malicious code in bioql PyPI...

EUVD-2023-1486

Malicious code in bioql PyPI...

EUVD-2023-34311

Malicious code in bioql PyPI...

EUVD-2024-45524

Malicious code in bioql PyPI...

EUVD-2025-6299

Malicious code in bioql PyPI...

EUVD-2025-21803

Malicious code in bioql PyPI...

EUVD-2022-39715

Malicious code in bioql PyPI...

EUVD-2025-25908

Malicious code in bioql PyPI...

EUVD-2018-20350

Malicious code in bioql PyPI...

EUVD-2022-30238

Malicious code in bioql PyPI...

EUVD-2023-43676

Malicious code in bioql PyPI...

CVE-2025-59163

vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...

GHSA-6Q9C-M9FR-865M vet MCP Server SSE Transport DNS Rebinding Vulnerability

SafeDep vet is vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. To exploit this vulnerability following conditions must be met: 1. A vet scan is executed and reports are saved as sqlite3 database 2. A vet MCP server is running on default port with SSE...

ROS-20250929-07

A vulnerability in the SQL concatws function of the SQLite database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service via the malloc parameter...

ROS-20250923-05

A vulnerability in the sqlite3dbconfig function of the sqlite3.c file of the SQLite database management system is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service via the sznBig parameter...

OESA-2025-2256 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

CVE-2025-57141

rsbi-os 4.7 is vulnerable to Remote Code Execution RCE in sqlite-jdbc...

CVE-2025-57806

Local Deep Research is an AI-powered research assistant for deep, iterative research. Versions 0.2.0 through 0.6.7 stored confidential information, including API keys, in a local SQLite database without encryption. This behavior was not clearly documented outside of the database architecture page...

Cleartext Storage of Sensitive Information

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in a local SQLite database. An attacker can access sensitive information,...