CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/05/05 9:22 a.m.•5 views

Moderate: Red Hat Security Advisory: python-tornado security update

An update for python-tornado is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.7CVSS7.2AI score0.00028EPSS

Exploits0References3

EUVD•added 2026/05/05 6:31 a.m.•2 views

EUVD-2026-27211

A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function createnotebook/readnotebook/editcell/addcell of the file server.py. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit h...

7.5CVSS6.8AI score0.00066EPSS

Exploits0References6

NVD•added 2026/05/05 4:16 a.m.•13 views

CVE-2026-7810

7.5CVSS0.00066EPSS

Vulnrichment•added 2026/05/05 3:45 a.m.•4 views

CVE-2026-7810 UsamaK98 python-notebook-mcp server.py add_cell path traversal

7.5CVSS6.8AI score0.00066EPSS

ATTACKERKB•added 2026/05/05 3:45 a.m.•0 views

CVE-2026-7810

7.5CVSS6.8AI score0.00066EPSS

OSV•added 2026/05/05 1:25 a.m.•2 views

CLSA-2026-1777944317 Fix CVE(s): CVE-2025-8194, CVE-2026-4519, CVE-2026-4786

SECURITY UPDATE: tarfile DoS via negative member offsets - debian/patches/CVE-2025-8194.patch: validate that member offsets are non-negative in Lib/tarfile.py. - CVE-2025-8194 SECURITY UPDATE: webbrowser.open accepts URLs with leading dashes - debian/patches/CVE-2026-4519-CVE-2026-4786.patch:...

7.5CVSS6.8AI score0.01007EPSS

Exploits0References1

Tenable Nessus•added 2026/05/05 12:0 a.m.•3 views

SUSE SLES16 Security Update : python-jwcrypto (SUSE-SU-2026:21425-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:21425-1 advisory. - CVE-2026-39373: weak mitigation for JWT bomb attack in the deserialize function can lead to memory exhaustion via crafted compressed JWE...

5.3CVSS5.8AI score0.00105EPSS

Exploits1References4

Redos•added 2026/05/05 12:0 a.m.•2 views

ROS-20260505-73-0060

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

6CVSS7.2AI score0.00052EPSS

6CVSS7.3AI score0.00205EPSS

ROS-20260505-73-0053

A vulnerability in the http.cookies.Morsel component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

Redos•added 2026/05/05 12:0 a.m.•4 views

ROS-20260505-73-0015

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.3AI score0.00057EPSS

Tenable Nessus•added 2026/05/05 12:0 a.m.•4 views

RHEL 9 : python3.11 (RHSA-2026:13692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13692 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

9.1CVSS7.8AI score0.00164EPSS

Exploits0References6

Tenable Nessus•added 2026/05/05 12:0 a.m.•3 views

Oracle Linux 7 : python (ELSA-2026-9614)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9614 advisory. 2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

7CVSS5.8AI score0.00015EPSS

Exploits0References2

5.7CVSS6.2AI score0.00046EPSS

ROS-20260505-73-0043

Vulnerability in python3.12 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.3CVSS7.1AI score0.00128EPSS

ROS-20260505-73-0027

A vulnerability in the appendChild and clearidcache functions of the Python programming language interpreter CPython is related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6CVSS7.3AI score0.00052EPSS

ROS-20260505-73-0049

A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...

Redos•added 2026/05/05 12:0 a.m.•2 views

ROS-20260505-73-0019

7.5CVSS7.3AI score0.00057EPSS

Redos•added 2026/05/05 12:0 a.m.•5 views

ROS-20260505-73-0068

A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...

6.3CVSS6.2AI score0.00047EPSS

Exploits1

Redos•added 2026/05/05 12:0 a.m.•5 views

ROS-20260505-73-0069

6.3CVSS6.2AI score0.00047EPSS

Exploits1

Redos•added 2026/05/05 12:0 a.m.•2 views

ROS-20260505-73-0035

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00031EPSS