Astra Linux - уязвимость в python3.11

There is a HIGH-severity vulnerability affecting the CPython “zipfile” module, specifically the “zipfile.Path” class. It should be noted that the more commonly used API “zipfile.ZipFile” class is not affected. When iterating over the names of entries in a zip archive for example, methods like...

Astra Linux - уязвимость в python3.7, python2.7

A issue was discovered in Python before version 3.11.1. An unnecessary quadratic algorithm exists in one path when processing certain inputs to the IDNA RFC 3490 decoder. This can lead to an excessive CPU usage when a maliciously crafted, unreasonably long hostname is provided to the decoder...

pentest-automation-framework

pentest-automation-framework Built this to speed up structure...

Malicious code in gauth-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also setups PTH file for automated start during Python initialization. In t...

MAL-2026-3252 Malicious code in gauth-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also setups PTH file for automated start during Python initialization. In t...

MAL-2026-3251 Malicious code in puan31 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27d04731b8fc3968b624ec2435d48b09d1afffb46fefb44745c2c8ff31bf4855 During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

Malicious code in rostilesolver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eef0922e5bb8ba3371baad4b76542215ff15e445a9d6ed6fb5546230fe5da4df During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3250 Malicious code in rostilesolver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eef0922e5bb8ba3371baad4b76542215ff15e445a9d6ed6fb5546230fe5da4df During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in puan4 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6be2e7028440f68ad3621664d195d72288e6a1d8658f16a421f3ec52d63d6f7a During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like sensitive files and browsers' dat...

Malicious code in puan3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 531ab02814e67f81e5c82fb57b72d59c3972d0975932f6e9d00ea680040e9a13 During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

Webmin-1.910-Exploit-Script

Webmin-1.910-Exploit-Script Python 3 🔥 Remote Code Execu...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

/ | | | | |...

MiracleLinux 9 : python3.12-3.12.12-4.el9_7.3 (AXSA:2026-519:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-519:12 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

Fedora 43 : python3.14 (2026-97a8eb204a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-97a8eb204a advisory. Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : python3.11-3.11.13-7.el8_10 (AXSA:2026-522:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-522:10 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

MiracleLinux 8 : python3.12-3.12.13-2.el8_10 (AXSA:2026-523:13)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-523:13 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-593...

MiracleLinux 9 : python3.11-3.11.13-5.3.el9_7 (AXSA:2026-521:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-521:09 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

Lyussfyuring002

lyussfyuring002 web exploitation + OSINT toolkit for people...

Malicious code in aocl-sparse-v3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10c555ef158bbcd1dd710fca14862d1cad9ad87ed4f4c35bf9c51d0a8a4fcdac Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-3236 Malicious code in aocl-sparse-v3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10c555ef158bbcd1dd710fca14862d1cad9ad87ed4f4c35bf9c51d0a8a4fcdac Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...