57322 matches found
RLSA-2026:19034 Moderate: python-tornado security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
python3.14 security update
An update is available for python3.14. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...
Security update for python-urllib3
This update for python-urllib3 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
SUSE-SU-2026:2119-1 Security update for python-urllib3
This update for python-urllib3 fixes the following issue - CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267...
OPENSUSE-SU-2026:20846-1 Security update for python-python-multipart
This update for python-python-multipart fixes the following issues - CVE-2026-40347: crafted multipart/form-data can cause a denial of service bsc1262403. - CVE-2026-42561: denial of service vulnerability in multipart part header parsing bsc1265250...
Exploit for Code Injection in Xwiki
CVE-2025-24893 Exploit de Execução Remota de Código RCE no X...
RockyLinux 10 : python-markdown (RLSA-2026:19155)
The remote RockyLinux 10 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:19155 advisory. python-markdown: denial of service via malformed HTML-like sequences CVE-2025-69534 Tenable has extracted the preceding description block directly from the...
SUSE SLED15 / SLES15 Security Update : python-urllib3_1 (SUSE-SU-2026:2067-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2067-1 advisory. This update for python-urllib31 fixes the following issue - CVE-2026-44431: sensitive information disclosure due to...
OPENSUSE-SU-2026:10900-1 python311-dulwich-1.2.5-1.1 on GA media
These are all security issues fixed in the python311-dulwich-1.2.5-1.1 package on the GA media of openSUSE Tumbleweed...
Security update for python-Pillow (important)
openSUSE security update: security update for python-pillow ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20831-1 Rating: important References: bsc1265153 bsc1265154 bsc1265359 Cross-References: CVE-2026-42308 CVE-2026-42309 CVE-2026-42310 CVSS...
SUSE SLES12 Security Update : python-urllib3 (SUSE-SU-2026:2065-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2065-1 advisory. This update for python-urllib3 fixes the following issue - CVE-2026-44431: sensitive information disclosure due to sensitive headers being...
Linux Distros Unpatched Vulnerability : CVE-2026-48526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier is decoding JSON Web Tokens, while supporting both asymmetric and HMAC...
RockyLinux 8 : python-gevent (RLSA-2024:8834)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:8834 advisory. python-gevent: privilege escalation via a crafted script to the WSGIServer component CVE-2023-41419 Tenable has extracted the preceding description block directly...
RockyLinux 10 : python3.14 (RLSA-2026:19019)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19019 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: CPython: Logging Bypass in Legacy .pyc File Handling...
Security update for python-pytest-html (important)
openSUSE security update: security update for python-pytest-html ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20839-1 Rating: important References: bsc1266254 Cross-References: CVE-2026-9277 CVSS scores: CVE-2026-9277 SUSE : 8.1...
Security update for python-mistune (important)
openSUSE security update: security update for python-mistune ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20827-1 Rating: important References: bsc1264347 bsc1264750 bsc1264751 bsc1264752 bsc1264754 bsc1265052 bsc1265053 Cross-References:...
Linux Distros Unpatched Vulnerability : CVE-2026-48155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory...
PT-2026-45056
Bug Report: Arbitrary File Write in Python API Summary Hidden metadata in a webpage causes PraisonAI agents to write attacker-controlled content to arbitrary paths. write file skips path validation when workspace=None always None in production. Affected PraisonAI output file: /tmp/flag.txt output...
Linux Distros Unpatched Vulnerability : CVE-2026-8643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leadin...
MAL-2026-4861 Malicious code in lib-1779997093-yjeeqn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 adfe3f8b85f731f407f8da6669a76b821b042e4ea1f2fd8fcfddf3293c2ca697 During installation, the package opens a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...