CVE-2026-34444

Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attributefilter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an attacker to bypass the intended restrictions and eventually achieve arbitra...

Lupa 安全漏洞

Lupa is a bridging library developed by Scoder’s individual developers, which embeds the Lua runtime into Python. Versions of Lupa 2.6 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the fact that the property filter was not consistently applied in built-in...

GHSA-6VH2-H83C-9294 PraisonAI: Python Sandbox Escape via str Subclass startswith() Override in execute_code

Summary executecode in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith method to the safegetattr wrapper, achieving arbitrary OS command execution on the host. Details pythontools.py:2...

CVE-2026-33139

PySpector is a static analysis security testing SAST Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a security validation bypass in the plugin system. The validateplugincode function in pluginsystem.py, performs static AST analysis...

CVE-2026-33139

PySpector is a static analysis security testing SAST Framework engineered for modern Python development workflows. PySpector versions 0.1.6 and prior are affected by a security validation bypass in the plugin system. The validateplugincode function in pluginsystem.py, performs static AST analysis...

PySpector has a Plugin Sandbox Bypass leads to Arbitrary Code Execution

Summary PySpector versions = 0.1.6 are affected by a security validation bypass in the plugin system. The validateplugincode function in pluginsystem.py, performs static AST analysis to block dangerous API calls before a plugin is trusted and executed. However, the internal resolvename helper onl...

PT-2026-26196

Name of the Vulnerable Software and Affected Versions PySpector versions 0.1.6 and prior Description PySpector, a static analysis security testing framework for Python development, is affected by a security validation bypass in its plugin system. The validate plugin code function in plugin...

SUSE CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

UBUNTU-CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223

CVE-2025-71223 affects the Linux kernel's ksmbd SMB server path (smb2_open and ksmbd_vfs_getattr). The issue is a refcount leak when ksmbd_vfs_getattr() fails, potentially causing resource leakage and local impact. A kernel update fixing the refcount leak is provided by the referenced advisories ...

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223 smb/server: fix refcount leak in smb2_open()

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

CVE-2025-71223 smb/server: fix refcount leak in smb2_open()

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

picklescan missing detection by simple obfuscation of a `builtins.eval` call

Summary An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the host loading a pickle payload from an untrusted source. Details It's possible to hide the eval call nested under another callable via getattr. PoC python import builtins class EvilClas...

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the getattr function. An attacker can execute arbitrary code by crafting a malicious pickle file that...

GHSA-9M3X-QQW2-H32H picklescan missing detection by simple obfuscation of a `builtins.eval` call

Summary An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the host loading a pickle payload from an untrusted source. Details It's possible to hide the eval call nested under another callable via getattr. PoC python import builtins class EvilClas...

SUSE CVE-2025-71153

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix memory leak in getfileallinfo In getfileallinfo, if vfsgetattr fails, the function returns immediately without freeing the allocated filename, leading to a memory leak. Fix this by freeing the filename before returning...

CVE-2025-71153

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix memory leak in getfileallinfo In getfileallinfo, if vfsgetattr fails, the function returns immediately without freeing the allocated filename, leading to a memory leak. Fix this by freeing the filename before returning...