Lucene search
K

366 matches found

Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.13 views

PT-2026-55745

Name of the Vulnerable Software and Affected Versions yt-dlp versions prior to 2026.07.04 Description Improper sanitization of output when using the --write-link option allows for downstream command injection. This occurs because shortcut file data is not properly validated and sanitized before...

7.5CVSS6AI score0.00554EPSS
Exploits0References10
OSV
OSV
added 2026/06/29 12:0 a.m.5 views

ALSA-2026:32992 Important: python3.12-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 12:3 p.m.5 views

RLSA-2026:28247 Important: python3.14 security, bug fix, and enhancement update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS6.3AI score0.0029EPSS
Exploits1References3
OSV
OSV
added 2026/06/24 12:3 p.m.8 views

RLSA-2026:28157 Important: python3.14-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS5.9AI score0.0068EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/24 5:8 a.m.9 views

Important: Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update

An update for python3.14 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.1CVSS6.4AI score0.0029EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

AlmaLinux 10 : python3.14 (ALSA-2026:28581)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28581 advisory. python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open API CVE-2026-4786 python: Python: Cross-Site Scripting XSS...

7.1CVSS6.4AI score0.0029EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

RHEL 10 : python3.14 (RHSA-2026:28581)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28581 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

7.1CVSS6.4AI score0.0029EPSS
Exploits1References6
Redos
Redos
added 2026/06/23 12:0 a.m.5 views

ROS-20260623-73-0014

Vulnerability in Python 3.11 related to the lack of measures taken to clean data at the management level. Exploitation of this vulnerability allows a remote attacker to execute arbitrary commands...

7.1CVSS6.2AI score0.0029EPSS
Exploits0
OSV
OSV
added 2026/06/23 12:0 a.m.4 views

ALSA-2026:28247 Important: python3.14 security, bug fix, and enhancement update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS6.3AI score0.0029EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.8 views

Fedora 43 : python3.13 (2026-2deb979d80)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2deb979d80 advisory. New Python release including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...

9.1CVSS6.2AI score0.0079EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/06/12 11:53 p.m.83 views

kiro-cybersecurity-skills

CyberSecurity Skills A collection of 15 security workflows co...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.67 views

PT-2026-48600

Name of the Vulnerable Software and Affected Versions PDM versions prior to 2.28.0-1.1 Description PDM writes project-local state and configuration files without symlink protection, allowing a malicious repository to use symlinks to overwrite files outside the repository root. This creates an...

6.8CVSS6AI score0.00024EPSS
Exploits0References12
OSV
OSV
added 2026/06/03 2:21 p.m.6 views

SUSE-SU-2026:2257-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

8.7CVSS7.1AI score0.00375EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2026/06/03 2:16 p.m.6 views

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

8.7CVSS7.2AI score0.00375EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/06/03 2:13 p.m.8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2026/06/03 2:5 p.m.10 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
OSV
OSV
added 2026/05/29 4:3 p.m.20 views

RLSA-2026:19064 Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.1CVSS7.7AI score0.01279EPSS
Exploits1References13
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.23 views

python3.14 security update

An update is available for python3.14. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

9.1CVSS6.4AI score0.00621EPSS
Exploits0
CVE
CVE
added 2026/05/27 7:35 p.m.39 views

CVE-2026-45134

LangSmith CVE-2026-45134 affects LangSmith Client SDKs with prompt-pull methods that fetch/deserialize prompt manifests from LangSmith Hub. The issue allows manifest content to be influenced by external parties when pulling a public prompt (owner/name), because prior SDKs did not distinguish such...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ was used. The intermediate-level directories of the filesystem cache had the system’s standard umask instead of 0o077...

7.5CVSS7.4AI score0.0327EPSS
Exploits0References2
Rows per page
Query Builder