Lucene search
K

758 matches found

vulnersOsv
vulnersOsv
added 2026/04/21 8:38 p.m.9 views

a-mailx (=0.1.0), acdh-xml-validator (>=0.1.0 <=1.1.0) +314 more potentially affected by CVE-2026-41066 via lxml (>=6.0.0 <=6.0.4)

lxml PYPI version =6.0.0, =0.1.0, =0.1.3, =0.1.0, =3.0.7, =1.6.6, =1.44.2, =1.0.0, =0.0.1, =2026.5.23, =25.11.0, =0.1.1, =0.3.3, =0.3.7 and more Source cves: CVE-2026-41066 Source advisory: SNYK:PYTHON-LXML-16119103...

7.5CVSS5.7AI score0.00324EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-34232

Name of the Vulnerable Software and Affected Versions lxml versions prior to 6.1.0 Description Using the default configuration with the resolve entities variable set to True allows untrusted XML input to read local files. This issue affects the iterparse and ETCompatXMLParser functions...

7.5CVSS5.1AI score0.00324EPSS
Exploits1References292
OSV
OSV
added 2026/04/21 12:0 a.m.4 views

OPENSUSE-SU-2026:10596-1 python-lxml-doc-6.1.0-1.1 on GA media

These are all security issues fixed in the python-lxml-doc-6.1.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.8AI score0.00324EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/20 7:15 a.m.5 views

CVE-2026-6616 TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extractwithbs4/extractwith3k/extractwithlxml of the file superagi/helper/webpageextractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. I...

6.5CVSS5.2AI score0.00219EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 7:15 a.m.11 views

CVE-2026-6616

TransformerOptimus SuperAGI up to version 0.0.14 contains a server-side request forgery in the WebScraperTool’s webpage_extractor.py, affecting functions extract_with_bs4, extract_with_3k, and extract_with_lxml. The issue arises in superagi/helper/webpage_extractor.py and is exploitable remotely;...

6.5CVSS6AI score0.00219EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/20 7:15 a.m.37 views

CVE-2026-6616 TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extractwithbs4/extractwith3k/extractwithlxml of the file superagi/helper/webpageextractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. I...

6.5CVSS0.00219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.3 views

openSUSE 16 Security Update : python-lxml_html_clean (openSUSE-SU-2026:20345-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20345-1 advisory. Changes in python-lxmlhtmlclean: - CVE-2026-28348: improper keywords checking can allow external CSS loading bsc1259378 - CVE-2026-28350: lack o...

6.1CVSS5.9AI score0.00254EPSS
Exploits2References6
Fedora
Fedora
added 2026/03/12 12:16 a.m.10 views

[SECURITY] Fedora 44 Update: python-lxml-html-clean-0.4.4-1.fc44

HTML cleaner from lxml project...

6.1CVSS5.8AI score0.00254EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.4 views

Fedora 44 : python-lxml-html-clean (2026-f46fc594f3)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f46fc594f3 advisory. Security update for python-lxml-html-clean Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

6.1CVSS5.9AI score0.00254EPSS
Exploits2References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/12 12:0 a.m.8 views

Security update for python-lxml_html_clean (moderate)

openSUSE security update: security update for python-lxmlhtmlclean ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20345-1 Rating: moderate References: bsc1259378 bsc1259379 Cross-References: CVE-2026-28348 CVE-2026-28350 Affected Products: openSUSE...

6.1CVSS5.8AI score0.00254EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.6 views

Fedora 42 : python-lxml-html-clean (2026-154efc6066)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-154efc6066 advisory. Security update for python-lxml-html-clean Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

6.1CVSS5.9AI score0.00254EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.10 views

Fedora 43 : python-lxml-html-clean (2026-fdded962b2)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fdded962b2 advisory. Security update for python-lxml-html-clean Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

6.1CVSS5.9AI score0.00254EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2026/03/12 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2026-154efc6066)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.8AI score0.00254EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2026/03/12 12:0 a.m.1 views

Fedora: Security Advisory (FEDORA-2026-fdded962b2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.8AI score0.00254EPSS
Exploits2References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/11 12:0 a.m.5 views

python311-lxml_html_clean-0.4.4-1.1 on GA media (moderate)

python311-lxmlhtmlclean-0.4.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10322-1 Rating: moderate Cross-References: CVE-2026-28348 CVE-2026-28350 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues...

6.1CVSS5.8AI score0.00254EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2026/03/10 12:24 a.m.4 views

SUSE CVE-2026-28348

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the hassneakyjavascript method strips backslashes before checking for dangerous CSS keywords. This causes CSS Unicode escape sequences to bypass the @import and expression filters,...

6.1CVSS5.7AI score0.00228EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/10 12:24 a.m.5 views

SUSE CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS5.7AI score0.00254EPSS
Exploits1References3
OSV
OSV
added 2026/03/10 12:0 a.m.7 views

OPENSUSE-SU-2026:10322-1 python311-lxml_html_clean-0.4.4-1.1 on GA media

These are all security issues fixed in the python311-lxmlhtmlclean-0.4.4-1.1 package on the GA media of openSUSE Tumbleweed...

6.1CVSS5.8AI score0.00254EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-28348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the hassneakyjavascript method strips...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-28350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner...

6.1CVSS7.2AI score0.00254EPSS
Exploits1References3
Rows per page
Query Builder