57703 matches found

OSSF Malicious Packages
added 2026/04/27 5:21 a.m., 6 views

Malicious code in bytedai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6453b603ad8bfd1ff4463c1bd86e1930757b08239ec949b01fbc95ca0c5486a6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.5
Exploits: 0, References: 1
OSV
added 2026/04/27 5:21 a.m., 3 views

MAL-2026-3086 Malicious code in bytedai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6453b603ad8bfd1ff4463c1bd86e1930757b08239ec949b01fbc95ca0c5486a6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.6
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/04/27 5:20 a.m., 3 views

Malicious code in bytedvefaas (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a19e705383e238bb8f9fcddce486d3b46640201c5296961abd59054c030f2049 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.5
Exploits: 0, References: 1
OSV
added 2026/04/27 5:16 a.m., 2 views

MAL-2026-3099 Malicious code in bytedvod (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c2b90eec61e5e2a472f910011acc1e66e407b4a240e907ac74289221e1a5e83f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.6
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/04/27 5:14 a.m., 2 views

Malicious code in bytedbackground (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab2e307770a6b144edad3254d316375ed3cdad0a56f21438b28bcc0f1a17fcb9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.5
Exploits: 0, References: 1
OSV
added 2026/04/27 5:14 a.m., 0 views

MAL-2026-3096 Malicious code in bytedtccc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3ffa89455e2b287319982cda83447a21535ba442b7532714ca2867a935712bcb Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.6
Exploits: 0, References: 1
OSV
added 2026/04/27 5:9 a.m., 3 views

MAL-2026-3092 Malicious code in bytedmem (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 410777f44f683eff2ab28c9dc499058d36f39204f834dd2040ed9b5bbf628174 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.6
Exploits: 0, References: 1
OSSF Malicious Packages
added 2026/04/27 5:8 a.m., 4 views

Malicious code in bytedpgsql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 645f636a2360d86d320bbf691de6457d8df8a7e066fa3fce10b8a85f8576a7a2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 5.5
Exploits: 0, References: 1
RedHat Linux
added 2026/04/27 2:7 a.m., 4 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

CVSS: 7, AI score: 5, EPSS: 0.00021
Exploits: 0, References: 7
RedHat Linux
added 2026/04/27 2:7 a.m., 5 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS: 9.1, AI score: 6, EPSS: 0.00137
Exploits: 0, References: 3
RedHat Linux
added 2026/04/27 2:7 a.m., 11 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

CVSS: 9.1, AI score: 6, EPSS: 0.00137
Exploits: 0, References: 10
Wolfi
added 2026/04/27 1:48 a.m., 7 views

GHSA-58QW-9MGM-455V vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-katib, py3-pip, pypy-3.11, pypy-3.10, py3-pip-wheel-bootstrap, datadog-agent...

AI score: 5.4
Exploits: 0
Oracle linux
added 2026/04/27 12:0 a.m., 6 views

python3.11 security update

3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913, RHEL-168155...

CVSS: 9.1, AI score: 5.1, EPSS: 0.00137
Exploits: 0
Tenable Nessus
added 2026/04/27 12:0 a.m., 5 views

RHEL 8 : python3.12 (RHSA-2026:10950)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10950 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS: 9.1, AI score: 7, EPSS: 0.00205
Exploits: 1, References: 24
Tenable Nessus
added 2026/04/27 12:0 a.m., 3 views

Fedora 44 : python-cryptography (2026-aa318887d6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa318887d6 advisory. Changelog Wed Apr 8 2026 Jeremy Cline - 46.0.7-1 - Update to 46.0.7 - SECURITY ISSUE: Fixed an issue where non-contiguous buffers could be passed to APIs tha...

CVSS: 9.8, AI score: 5.5, EPSS: 0.00023
Exploits: 0, References: 2
CNNVD
added 2026/04/27 12:0 a.m., 4 views

pip security vulnerability

pip is a Python package installer developed by the Python Packaging Authority. Versions of pip prior to 26.1 contained security vulnerabilities. These vulnerabilities stemmed from the self-update check feature, which ran after the installation of wheel files, potentially leading to the import of...

CVSS: 5.3, AI score: 6.3, EPSS: 0.00017
Exploits: 0, References: 1
Tenable Nessus
added 2026/04/27 12:0 a.m., 2 views

RHEL 8 : python3.11 (RHSA-2026:11062)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11062 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS: 9.1, AI score: 6.3, EPSS: 0.00137
Exploits: 0, References: 6
Tenable Nessus
added 2026/04/27 12:0 a.m., 2 views

Fedora 44 : python-flask-httpauth (2026-fd53570465)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-fd53570465 advisory. Update to version 4.8.1 2454342 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS: 8.2, AI score: 5.8, EPSS: 0.00019
Exploits: 0, References: 2
Packet Storm News
added 2026/04/27 12:0 a.m., 3 views

python-ecdsa DER Parser Security Test Suite

This Python script is a security test and validation suite for the python-ecdsa library, focused on detecting potential DER (Distinguished Encoding Rules) parsing anomalies that may relate to CVE-2026-33936...

CVSS: 5.3, AI score: 5.1, EPSS: 0.00046
Exploits: 1
Tenable Nessus
added 2026/04/27 12:0 a.m., 2 views

RHEL 9 : python3.12 (RHSA-2026:10745)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10745 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS: 9.1, AI score: 6.3, EPSS: 0.00137
Exploits: 0, References: 6