MiracleLinux 9 : python3.9-3.9.25-3.el9_7.3 (AXSA:2026-513:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-513:04 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

Security update for python-jwcrypto (important)

openSUSE security update: security update for python-jwcrypto ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20644-1 Rating: important References: bsc1261802 Cross-References: CVE-2026-39373 CVSS scores: CVE-2026-39373 SUSE : 7.5...

Malicious code in rblx-http (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b0078ee9b9f6221ab242c9f2442f86670e320a5058c306590b5e5b458066e414 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3191 Malicious code in rblx-https (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4b7d7435a6bcfd1a9437108a21af9ca6be7c60aa1e0c6e9e90a40ac43b26cf67 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in rblx-https (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4b7d7435a6bcfd1a9437108a21af9ca6be7c60aa1e0c6e9e90a40ac43b26cf67 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

exploit-db-skill

Exploit-DB Skill Cross-Platform Small cross-platform helper...

MAL-2026-3192 Malicious code in ro-db (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2bd23f786275f7f9939deab001c8b06daaba21ad7dcb861fd6bb9cdd2e3d830c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

n8n has a Python Task Runner Sandbox Escape Vulnerability

Impact An authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. - This issue only affects instances where the Python Task Runner is enabled. Patches The issue has...

GHSA-44V6-JHGM-P3M4 n8n has a Python Task Runner Sandbox Escape Vulnerability

Impact An authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. - This issue only affects instances where the Python Task Runner is enabled. Patches The issue has...

aana (>=0.2.1 <=0.2.2.2), adaptive-kmpc-py (>=0.1.0 <=0.1.1) +1019 more potentially affected by CVE-2026-44484 via lightning (>=1.8.6 <=2.6.1)

lightning PYPI version =1.8.6, =0.2.1, =0.1.0, =2.0.0, =1.3.0, =0.2.0, =2025.4.0, =0.0.0, =0.1.11, =1.8.15, =1.8.17, =1.8.14, =0.1.16, =1.0.1rc1 and more Source cves: CVE-2026-44484 Source advisory: SNYK:PYTHON-LIGHTNING-16323121...

CVE-2026-7466

AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipelinepath parameter to the POST /api/runs and POST /api/runs/validate endpoints. Attackers can induce requests to the local AgentFlow API to...

CVE-2026-7466 AgentFlow Arbitrary Python Pipeline Execution via pipeline_path

AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipelinepath parameter to the POST /api/runs and POST /api/runs/validate endpoints. Attackers can induce requests to the local AgentFlow API to...

EUVD-2026-26279

AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipelinepath parameter to the POST /api/runs and POST /api/runs/validate endpoints. Attackers can induce requests to the local AgentFlow API to...

MAL-2026-3175 Malicious code in bbranger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9cb5c90bcde5bf7b63607d4bf5e7be1ccb7b5c9eb2eb92e32dab102be5df3687 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

OPENSUSE-SU-2026:20650-1 Security update for python-PyNaCl

This update for python-PyNaCl fixes the following issues: Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint function bsc1255764. Other fixes: - update to 1.6.2 bsc1255764, CVE-2025-69277:...

SUSE-SU-2026:21431-1 Security update for python-PyNaCl

This update for python-PyNaCl fixes the following issues: Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint function bsc1255764. Other fixes: - update to 1.6.2 bsc1255764, CVE-2025-69277:...

OPENSUSE-RU-2026:20649-1 Recommended update for python-urllib3

This update for python-urllib3 fixes the following issue: - Fix regression in CVE-2025-66471.patch bsc1254867...

SUSE-RU-2026:21397-1 Recommended update for python-urllib3

This update for python-urllib3 fixes the following issue: - Fix regression in CVE-2025-66471.patch bsc1254867...

SUSE-RU-2026:21430-1 Recommended update for python-urllib3

This update for python-urllib3 fixes the following issue: - Fix regression in CVE-2025-66471.patch bsc1254867...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...