57729 matches found

OSV
added 2026/04/23 10:15 a.m. | 3 views

RHSA-2026:9745 Red Hat Security Advisory: python3 security update

Bulletin has no description...

7.1 CVSS | 5.6 AI score | 0.00015 EPSS
Exploits: 0 | References: 10
OSV
added 2026/04/23 10:15 a.m. | 5 views

RHSA-2026:9705 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

7.1 CVSS | 5.6 AI score | 0.00015 EPSS
Exploits: 0 | References: 10
GithubExploit
added 2026/04/23 9:8 a.m. | 63 views

web-vulnerability-scanner

web-vulnerability-scanner This Reposito...

5.8 AI score
Exploits: 0
GithubExploit
added 2026/04/23 2:25 a.m. | 80 views

hospital-waf-mcp

Hospital WAF Management System Release: v1.0.0 Languag...

5.8 AI score
Exploits: 0
NVD
added 2026/04/23 2:16 a.m. | 3 views

CVE-2026-41206

PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the blocklist implemented in...

7.8 CVSS | 0.00021 EPSS
Exploits: 1 | References: 3
NVD
added 2026/04/23 2:16 a.m. | 1 views

CVE-2026-41182

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls (hideOutputs in JS, hideoutputs in Python) do not apply to streaming token events. When ...

5.3 CVSS | 0.00039 EPSS
Exploits: 0 | References: 1
Fedora
added 2026/04/23 1:11 a.m. | 3 views

[SECURITY] Fedora 43 Update: python3.14-3.14.4-1.fc43

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

7.5 CVSS | 4.6 AI score | 0.00057 EPSS
Exploits: 0
Fedora
added 2026/04/23 1:11 a.m. | 4 views

[SECURITY] Fedora 43 Update: python3-docs-3.14.4-1.fc43

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

7.5 CVSS | 4.5 AI score | 0.00057 EPSS
Exploits: 0
EUVD
added 2026/04/23 12:42 a.m. | 3 views

EUVD-2026-25160

PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the blocklist implemented in...

6.9 CVSS | 6.3 AI score | 0.00021 EPSS
Exploits: 1 | References: 3
OSV
added 2026/04/23 12:22 a.m. | 2 views

MAL-2026-3002 Malicious code in lyrox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a758a1be229d0656a639cd9e76cb14b3224260a08da87b6de28ff2bc4c1d48ba Heavy obfuscate code for extracting further obfuscate binaries and executing them using file less techniques. Some versions contain the executable embedded,...

5.8 AI score
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/23 12:14 a.m. | 3 views

CVE-2026-41182

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls (hideOutputs in JS, hideoutputs in Python) do not apply to streaming token events. When ...

5.3 CVSS | 5.8 AI score | 0.00039 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
EUVD
added 2026/04/23 12:14 a.m. | 0 views

EUVD-2026-25152

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls (hideOutputs in JS, hideoutputs in Python) do not apply to streaming token events. When ...

5.3 CVSS | 5.8 AI score | 0.00039 EPSS
Exploits: 0 | References: 1
Cvelist
added 2026/04/23 12:14 a.m. | 29 views

CVE-2026-41182 LangSmith SDK: Streaming token events bypass output redaction

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls (hideOutputs in JS, hideoutputs in Python) do not apply to streaming token events. When ...

5.3 CVSS | 0.00039 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2026/04/23 12:14 a.m. | 3 views

CVE-2026-41182 LangSmith SDK: Streaming token events bypass output redaction

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls (hideOutputs in JS, hideoutputs in Python) do not apply to streaming token events. When ...

5.3 CVSS | 5.8 AI score | 0.00039 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/04/23 12:0 a.m. | 5 views

PySpector Security Vulnerability

PySpector is a high-performance Python static security analysis framework based on graphs, developed by Tommaso Bona. Versions of PySpector prior to 0.1.8 contained security vulnerabilities. These vulnerabilities stemmed from an incomplete blacklist of plugin security validators, which could allo...

7.8 CVSS | 6.1 AI score | 0.00021 EPSS
Exploits: 1 | References: 1
CNNVD
added 2026/04/23 12:0 a.m. | 6 views

Mako Path Traversal Vulnerability

Mako is an open-source template library written in Python by SQLAlchemy. It offers a familiar non-XML syntax, which can be compiled into Python modules for optimal performance. Prior to Mako 1.3.11, there was a path traversal vulnerability; this vulnerability stemmed from TemplateLookup.gettempla...

8.7 CVSS | 5.8 AI score | 0.00093 EPSS
Exploits: 0 | References: 1
Packet Storm News
added 2026/04/23 12:0 a.m. | 2 views

CrossCommitVuln-Bench: A Dataset of Multi-Commit Python Vulnerabilities Invisible to Per-Commit Static Analysis

We present CrossCommitVuln-Bench, a curated benchmark of 15 real-world Python vulnerabilities (CVEs) in which the exploitable condition was introduced across multiple commits - each individually benign to per-commit static analysis - but collectively critical. We manually annotate each CVE with its...

5.4 AI score
Exploits: 0
Tenable Nessus
added 2026/04/23 12:0 a.m. | 3 views

RHEL 9 : python3.9 (RHSA-2026:10101)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10101 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

7 CVSS | 5.5 AI score | 0.00015 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/23 12:0 a.m. | 3 views

openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20598-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2026:20598-1 advisory. Changes in python-PyPDF2: - CVE-2026-40260: crafted PDF can lead to large memory usage bsc1262284 Tenable has extracted the preceding description block...

6.9 CVSS | 5.8 AI score | 0.00019 EPSS
Exploits: 0 | References: 3
Packet Storm News
added 2026/04/23 12:0 a.m. | 3 views

Grav CMS Authenticated Scanner

This Python script is a safe, read-only scanner designed to detect whether a target running Grav CMS with its Admin plugin may be vulnerable to CVE-2025-50286, based purely on version analysis...

8.1 CVSS | 5.7 AI score | 0.73126 EPSS
Exploits: 7