Lucene search
+L

6 matches found

Chainguard
Chainguard
added 3 days ago6 views

CVE-2026-11940 vulnerabilities

Vulnerabilities for packages: python...

7.8CVSS6.1AI score0.00613EPSS
Exploits0
RedHat Linux
RedHat Linux
added last week5 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.14: python3.14-3.14.6-1.4.hum1 aarch64, x8664 python3.14-debug-3.14.6-1.4.hum1 aarch64, x8664 python3.14-devel-3.14.6-1.4.hum1 aarch64, x8664 python3.14-freethreading-3.14.6-1.4.hum1...

7.8CVSS6.6AI score0.00805EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added last week6 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.13: python3.13-3.13.14-1.4.hum1 aarch64, x8664 python3.13-debug-3.13.14-1.4.hum1 aarch64, x8664 python3.13-devel-3.13.14-1.4.hum1 aarch64, x8664 python3.13-freethreading-3.13.14-1.4.hum1...

7.8CVSS6.6AI score0.00805EPSS
Exploits2References4
Circl
Circl
added 2026/06/23 5:15 p.m.9 views

CVE-2026-11940

creationtimestamp| type| source ---|---|--- 2026-06-23 17:15:06+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3moxvn5enye2b 2026-06-25 12:00:20+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mp4eyb6hgs2o 2026-06-28 02:30:22+00:00| seen|...

7.8CVSS5.7AI score0.00613EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 4:4 p.m.3 views

CVE-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS5.9AI score0.00613EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/23 4:4 p.m.83 views

CVE-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS0.00613EPSS
Exploits0References8
Rows per page
Query Builder