45 matches found
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-021503)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021503 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion whe...
CVE-2026-5140
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...
Security Bulletin: IBM Maximo Application Suite - Predict Component component uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to this CVE-2026-30922
Summary IBM Maximo Application Suite - Predict Component was using vulnerable library pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service (CVE-2026-30922)
Summary IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Python module pyasn1 CVE-2026-30922 Vulnerability Details...
Amazon Linux 2 : python-pyasn1, --advisory ALAS2-2026-3215 (ALAS-2026-3215)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3215 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply neste...
CVE-2026-34231
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting (XSS) vulnerability exists in the {% attrs %} template tag of the slippers Django package. When a context variable containing untrusted data is passed to {% attrs %}, the value is interpolated into an HTML...
CVE-2026-34231 Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting (XSS) vulnerability exists in the {% attrs %} template tag of the slippers Django package. When a context variable containing untrusted data is passed to {% attrs %}, the value is interpolated into an HTML...
OPENSUSE-SU-2026:10393-1 python311-pyasn1-0.6.3-1.1 on GA media
These are all security issues fixed in the python311-pyasn1-0.6.3-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-30922
CVE-2026-30922 affects the Python pyasn1 library. Prior to version 0.6.3, parsing deeply nested ASN.1 data with thousands of nested SEQUENCE/SET tags and Indefinite Length markers can trigger uncontrolled recursion, causing a RecursionError or exhausting memory (OOM) and crashing the host applica...
Linux Distros Unpatched Vulnerability : CVE-2026-30922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursio...
CVE-2026-25528 LangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header Injection
LangSmith Client SDKs provide SDKs for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers. An attacker can inject arbitrary apiurl values through the baggage header, causing the SDK to...
CVE-2021-41591
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure...
CVE-2025-14068 WPNakama <= 0.6.3 - Unauthenticated SQL Injection via 'order_by' Parameter
The WPNakama plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by' parameter in all versions up to, and including, 0.6.3 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
cggmp21 Security Vulnerability
cggmp21 is a Rust library open-sourced by Lockness. A security vulnerability exists in cggmp21 versions 0.6.3 and earlier and 0.7.0-alpha.1, which stems from improper use of pre-signatures in a manner that may result in reduced security...
EUVD-2025-6594
Malicious code in bioql PyPI...
EUVD-2025-6927
Malicious code in bioql PyPI...
EUVD-2025-7851
Malicious code in bioql PyPI...