CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

665 matches found

RedHat Linux•added 2026/02/04 7:31 p.m.•4 views

Important: Red Hat Security Advisory: python3.12-wheel security update

An update for python3.12-wheel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

7.1CVSS6.8AI score0.00278EPSS

Exploits2References2

RedHat Linux•added 2026/02/04 11:59 a.m.•5 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1CVSS6.3AI score0.00278EPSS

Exploits2References7

RedHat Linux•added 2026/02/04 11:59 a.m.•10 views

Important: Red Hat Security Advisory: python-wheel security update

An update for python-wheel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.1CVSS6.8AI score0.00278EPSS

Exploits2References2

Packet Storm News•added 2026/02/04 12:0 a.m.•2 views

Trojan Attacks on Neural Network Controllers for Robotic Systems

Neural network controllers are increasingly deployed in robotic systems for tasks such as trajectory tracking and pose stabilization. However, their reliance on potentially untrusted training pipelines or supply chains introduces significant security vulnerabilities. This paper investigates...

5.5AI score

Exploits0

AlmaLinux•added 2026/02/04 12:0 a.m.•5 views

Important: python3.12-wheel security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS5.7AI score0.00278EPSS

Exploits2References4

Tenable Nessus•added 2026/02/04 12:0 a.m.•2 views

openSUSE 16 Security Update : python-wheel (openSUSE-SU-2026:20147-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20147-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Tenable has extracted the preceding...

7.1CVSS7.5AI score0.00278EPSS

Exploits2References3

Tenable Nessus•added 2026/02/04 12:0 a.m.•1 views

RHEL 10 : python-wheel (RHSA-2026:1902)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1902 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

7.1CVSS7.5AI score0.00278EPSS

Exploits2References4

OSV•added 2026/02/04 12:0 a.m.•3 views

ALSA-2026:1902 Important: python-wheel security update

7.1CVSS5.3AI score0.00278EPSS

Exploits2References4

OSV•added 2026/02/04 12:0 a.m.•3 views

ALSA-2026:1939 Important: python3.12-wheel security update

7.1CVSS5.7AI score0.00278EPSS

Exploits2References4

RedhatCVE•added 2026/02/03 3:32 a.m.•2 views

CVE-2026-1703

A flaw was found in pip. A remote attacker could exploit this path traversal vulnerability by tricking a user into installing a maliciously crafted wheel archive. This could lead to files being extracted outside the intended installation directory, potentially disclosing sensitive information...

3.9CVSS5.2AI score0.0039EPSS

Exploits1References6

SUSE CVE•added 2026/02/03 12:24 a.m.•4 views

SUSE CVE-2026-1703

When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...

3.1CVSS5.4AI score0.0039EPSS

Exploits1References6

OPENSUSE Linux•added 2026/02/03 12:0 a.m.•3 views

Security update for python-wheel (important)

openSUSE security update: security update for python-wheel ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20147-1 Rating: important References: bsc1257100 Cross-References: CVE-2026-24049 CVSS scores: CVE-2026-24049 SUSE : 7.7...

7.7CVSS5.5AI score0.00278EPSS

Exploits2References1

Snyk•added 2026/02/02 3:30 p.m.•1 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the iswithindirectory function, during the extraction process of maliciously crafted wheel archives. An attacker can write files outside the intended installation directory by including specially crafted file pat...

3.9CVSS6.4AI score0.0039EPSS

Exploits1References2