57450 matches found
RHEL 9 : python-tornado (RHSA-2026:13670)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13670 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
SUSE SLES16 Security Update : python-Mako (SUSE-SU-2026:21426-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:21426-1 advisory. This update for python-Mako fixes the following issue: - CVE-2026-41205: Prior to 1.3.11, TemplateLookup.gettemplate is vulnerable to path...
ROS-20260505-73-0067
A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...
ROS-20260505-73-0058
Vulnerability in python3.12 related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260505-73-0056
Vulnerability in python3.10 related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260505-73-0070
A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260505-73-0065
A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...
ROS-20260505-73-0018
A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260505-73-0012
A vulnerability in the http.cookies library of the Python programming language interpreter CPython is related to improper encoding or escaping of output data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...
ROS-20260505-73-0017
A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Oracle Linux 9 : python-tornado (ELSA-2026-13670)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-13670 advisory. 6.5.5-1.1 - Update to 6.5.5 Resolves: RHEL-160941 Tenable has extracted the preceding description block directly from the Oracle Linux security...
CVE-2026-7784 RTGS2017 NagaAgent Skills Endpoint extensions.py path traversal
A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. T...
catalystcoop-ferc-xbrl-extractor (>=0.6.1 <=0.8.4), catalystcoop-pudl (>=2022.11.30 <=2022.11.30.post1) +1 more potentially affected by CVE-2026-42796 via arelle-release (>=2.10.8 <=2.2.4)
arelle-release PYPI version =2.10.8, =0.6.1, =2022.11.30, =0.6.1, =0.7.0rc1 Source cves: CVE-2026-42796 Source advisory: SNYK:PYTHON-ARELLERELEASE-16635954...
CVE-2026-42234
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...
CVE-2026-42234 n8n: Python Task Runner Sandbox Escape
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...
CVE-2026-42234
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...
CVE-2026-42234
CVE-2026-42234 affects n8n, an open‑source workflow automation platform. Before versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user who can create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container....
CVE-2026-42234 n8n: Python Task Runner Sandbox Escape
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...
EUVD-2026-27109
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...
DotNetRemotingExploitPy
No d...