MAL-2026-3403 Malicious code in textwrap-formatter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 18da24e92fd40457ad3df2af568c07d41b35f44e6e07e8fac3bf0eafba9c2154 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...

How to Manually Update GPG key on Veeam Hardened Repository Appliance

Article Applicability This article is specifically regarding the Veeam Hardened Repository ISO v2 appliance, which was distributed alongside Veeam Backup & Replication 12. For information about manually updating the GPG key on the appliances associated with Veeam Backup & Replication 13, review...

CVE-2026-3236

CVE-2026-3236 affects Octopus Server in affected versions where an attacker can create a new API key from an existing access token, resulting in a new API key with a lifetime longer than the original token. According to the advisory, this yields a low-severity, network-exploitable issue with low ...

CVE-2025-55293 Meshtastic allows crafting of specific NodeInfo packets that overwrite any publicKey saved in the NodeDB

Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a new key. First sending a empty key bypasses 'if p.publickey.size 0 ', clearing the existing publicKey and resetting the size to 0 for a know...

PT-2023-36149 · Fwupd · Fwupd

Name of the Vulnerable Software and Affected Versions: fwupd affected versions not specified Description: The issue is related to the secure boot key. The package has been rebuilt with a new secure boot key. Recommendations: At the moment, there is no information about a newer version that contai...

PT-2023-12743 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered where a remote attacker can install a duplicate intent with a different key and then remove the duplicate one, resulting in the removal of the flow rules of the intent, even though the...

PT-2023-36128 · Grub2 · Grub2

Name of the Vulnerable Software and Affected Versions: grub2 affected versions not specified Description: The issue with grub2 is related to secure boot. The package has been rebuilt with a new secure boot key. Recommendations: At the moment, there is no information about a newer version that...

OPENSUSE-SU-2023:0022-1 Security update for tor

This update for tor fixes the following issues: tor 0.4.7.13: fix SafeSocks option to avoid DNS leaks boo1207110, TROVE-2022-002 improve congestion control fix relay channel handling tor 0.4.7.12: new key for moria1 new metrics are exported on the MetricsPort for the congestion control subsystem...

Veeam repository update fails, GPG key error

Challenge When attempting to update the Veeam Agent for Linux or the veeam-release repository package, an error is encountered: GPG key signature on key http://repository.veeam.com/keys/RPM-GPG-KEY-VeeamSoftwareRepo.asc does not match CA Key for repo: veeam or The following signatures were invali...

Fedora 9 : PackageKit-0.2.5-1.fc9 / fedora-release-9-5.transition / gnome-packagekit-0.2.5-2.fc9 (2008-7748)

This fedora-release update introduces a new set of Fedora Updates and Updates Testing repo definitions. These new definitions point to new URLS for our update content signed with a new key. This update also provides Fedora 8 and 9's new package signing keys. This update is a transitional update t...