Fedora 44 : python-msal (2026-64b1c7aa6b)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-64b1c7aa6b advisory. Update to v1.36.0 Full changelog: https://github.com/AzureAD/microsoft-authentication-library-for-python/releases/tag/1.36.0 Tenable has extracted the...

CVE-2026-7066

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...

MAL-2026-3048 Malicious code in robase-gui-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c53f61007a9e23f2c47112de5225aa8e364f5aeb45c99d22084d6fb08b2179e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3047 Malicious code in robase-gui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffbeda05758af4fb3c32de434df674102718336d499124f08b158271e4a08f7e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4

...

Malicious code in quicktestybesty (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 459aa54bf8ac82101b14d4f85d01dde304aa638276b69a76254ff080ea52d5af During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

OPENSUSE-SU-2026:10622-1 python313-mitmproxy-12.2.2-1.1 on GA media

These are all security issues fixed in the python313-mitmproxy-12.2.2-1.1 package on the GA media of openSUSE Tumbleweed...

python311-Mako-1.3.11-1.1 on GA media (moderate)

python311-Mako-1.3.11-1.1 on GA media Announcement ID: openSUSE-SU-2026:10616-1 Rating: moderate Cross-References: CVE-2026-41205 CVSS scores: CVE-2026-41205 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2026-41205 SUSE : 7.7...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

-CVE-201...

ac-solver (=0.1.0), acedeploy (>=2.4.15 <=2.4.338) +761 more potentially affected by CVE-2026-42284 via gitpython (>=3.0.0 <=3.1.46)

gitpython PYPI version =3.0.0, =2.4.15, =2025.10.17, =0.4.0, =0.4.0, =0.0.5, =1.2.3, =0.4.7, =0.4.7, =0.2.0, =1.0.3, =0.1.8, =0.87.2.dev9, =0.5.0, =0.86.1 and more Source cves: CVE-2026-42284 Source advisory: SNYK:PYTHON-GITPYTHON-16298054...

MAL-2026-3044 Malicious code in quicksolving (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 334524bfbf6438acc5016e76054740cdb532bdd9921695cbcc1852c568226708 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in quicksolving (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 334524bfbf6438acc5016e76054740cdb532bdd9921695cbcc1852c568226708 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3043 Malicious code in rosolver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0904af239ce7e030d9cde78de066412fb3942a4b12ea8be5c5d45681417230fc During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in rosolver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0904af239ce7e030d9cde78de066412fb3942a4b12ea8be5c5d45681417230fc During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in pycolorlib001 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d13044c47d5f0b928df9bb3c300bbb520cef7df9cc929b859e7f2edd67d8221f During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3041 Malicious code in robase-library-quick-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3655afd9220b8d5df96a51d63e383fd4face5be5f31a2da02bcaf379d6625c6b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

binary-exploitation-buffer-overflow

Stack Buffer Overflow Exploit Demo !Pythonhttps://img.shie...

CodeAlpha_Bug-Bounties-Tool

CodeAlphaBug-Bounties-Tool A lightweight bug bounty automatio...

web-vuln-scanner

🔍 WebVulnScanner v1.0 A production-grade, async Python web...

CVE-2026-6019

A flaw was found in Python's http.cookies module. The Morsel.jsoutput function, responsible for generating JavaScript output for cookies, does not properly neutralize the Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Produc...