Lucene search
+L

6 matches found

Chainguard
Chainguard
added 5 days ago8 views

CVE-2026-11940 vulnerabilities

Vulnerabilities for packages: python...

7.8CVSS6.1AI score0.00613EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/10 8:50 p.m.7 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.14: python3.14-3.14.6-1.4.hum1 aarch64, x8664 python3.14-debug-3.14.6-1.4.hum1 aarch64, x8664 python3.14-devel-3.14.6-1.4.hum1 aarch64, x8664 python3.14-freethreading-3.14.6-1.4.hum1...

7.8CVSS6.6AI score0.00805EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/07/10 8:25 p.m.6 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.13: python3.13-3.13.14-1.4.hum1 aarch64, x8664 python3.13-debug-3.13.14-1.4.hum1 aarch64, x8664 python3.13-devel-3.13.14-1.4.hum1 aarch64, x8664 python3.13-freethreading-3.13.14-1.4.hum1...

7.8CVSS6.6AI score0.00805EPSS
Exploits2References4
Circl
Circl
added 2026/06/23 5:15 p.m.9 views

CVE-2026-11940

creationtimestamp| type| source ---|---|--- 2026-06-23 17:15:06+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3moxvn5enye2b 2026-06-25 12:00:20+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mp4eyb6hgs2o 2026-06-28 02:30:22+00:00| seen|...

7.8CVSS5.7AI score0.00613EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 4:4 p.m.85 views

CVE-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS0.00613EPSS
Exploits0References8
OSV
OSV
added 2026/06/23 4:4 p.m.5 views

CVE-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS5.9AI score0.00613EPSS
Exploits0References11
Rows per page
Query Builder