Lucene search

57840 matches found

OSV
added 2026/04/17 7:49 a.m. | 2 views

MAL-2026-2834 Malicious code in loadcoremwassistant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20499474b0d0eb5a02bdd34aba8dbd438993b87506fb7a9bd88a62a729736221 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score 5.9
Exploits: 0 | References: 1
Chainguard
added 2026/04/17 7:18 a.m. | 2 views

CVE-2026-40192 vulnerabilities

Vulnerabilities for packages: superset, text-generation-inference, tritonserver-backend-vllm-cuda-12.9, litellm, py3-vllm-cuda-12.4, kubeflow-pipelines-visualization-server...

CVSS 8.7 | AI score 7.2 | EPSS 0.00018
Exploits: 0
SUSE Linux
added 2026/04/17 6:46 a.m. | 3 views

Security update for python-CairoSVG

This update for python-CairoSVG fixes the following issue: CVE-2026-31899: denial of service via recursive element amplification bsc1259690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

CVSS 6.8 | AI score 5.7 | EPSS 0.00039
Exploits: 2 | References: 4
OSV
added 2026/04/17 6:46 a.m. | 0 views

SUSE-SU-2026:1421-1 Security update for python-CairoSVG

This update for python-CairoSVG fixes the following issue: - CVE-2026-31899: denial of service via recursive element amplification bsc1259690...

CVSS 7.5 | AI score 5.7 | EPSS 0.00039
Exploits: 2 | References: 3
Redos
added 2026/04/17 12:0 a.m. | 3 views

ROS-20260417-73-0024

Vulnerability in python-PyPDF2 related to incorrect processing of highly compressed input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.7 | AI score 7.1 | EPSS 0.00079
Exploits: 0
Redos
added 2026/04/17 12:0 a.m. | 3 views

ROS-20260417-73-0019

A vulnerability in the Python library for handling PyPDF PDF files involves uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to affect the availability of protected information...

CVSS 6.9 | AI score 5.8 | EPSS 0.00019
Exploits: 0
Redos
added 2026/04/17 12:0 a.m. | 0 views

ROS-20260417-73-0018

A vulnerability in the Python library for handling PyPDF PDF files involves uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.7 | AI score 5.8 | EPSS 0.00055
Exploits: 1
UbuntuCve
added 2026/04/17 12:0 a.m. | 4 views

CVE-2026-40192

Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...

CVSS 8.7 | AI score 5.7 | EPSS 0.00018
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/17 12:0 a.m. | 2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-PyJWT (SUSE-SU-2026:1389-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1389-1 advisory. - CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Tenable has extracted the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00014
Exploits: 1 | References: 4
Tenable Nessus
added 2026/04/17 12:0 a.m. | 3 views

SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:1400-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1400-1 advisory. - CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Tenable has extracted the preceding...

CVSS 7.5 | AI score 5.8 | EPSS 0.00014
Exploits: 1 | References: 4
CNNVD
added 2026/04/17 12:0 a.m. | 5 views

pypdf security vulnerability

pypdf is an open-source, free, and pure Python PDF library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages of PDF files. Prior to version 6.10.0, pypdf had a security vulnerability. This vulnerability stemmed from the manipulated XMP metadata entity...

CVSS 6.9 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 1
Redos
added 2026/04/17 12:0 a.m. | 3 views

ROS-20260417-73-0025

Vulnerability in python-PyPDF2 related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.9 | AI score 5.8 | EPSS 0.00017
Exploits: 0
Packet Storm News
added 2026/04/17 12:0 a.m. | 4 views

Eclipse Che Machine-Exec WebSocket Service Exposure Detector

This Python script is a lightweight security detection tool designed to identify potentially exposed or misconfigured machine-exec WebSocket services associated with Eclipse Che running on port 3333...

AI score 5.8
Exploits: 0
UbuntuCve
added 2026/04/17 12:0 a.m. | 3 views

CVE-2026-40260

pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has...

CVSS 6.9 | AI score 5.8 | EPSS 0.00019
Exploits: 0 | References: 3
OSV
added 2026/04/17 12:0 a.m. | 1 view

UBUNTU-CVE-2026-40192

Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...

CVSS 8.7 | AI score 5.7 | EPSS 0.00018
Exploits: 0 | References: 5
Photon
added 2026/04/17 12:0 a.m. | 4 views

Important Photon OS Security Update - PHSA-2026-5.0-0826

Updates of 'python3-pyasn1' packages of Photon OS have been released...

CVSS 7.5 | AI score 7.3 | EPSS 0.00032
Exploits: 0
Redos
added 2026/04/17 12:0 a.m. | 4 views

ROS-20260417-73-0013

A vulnerability in the commonprefix function of the pip module of the Python programming language is related to an incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to add and modify arbitrary files...

CVSS 2 | AI score 5.9 | EPSS 0.0003
Exploits: 1
OPENSUSE Linux
added 2026/04/17 12:0 a.m. | 5 views

python311-Django-5.2.13-1.1 on GA media (moderate)

python311-Django-5.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2026:10567-1 Rating: moderate Cross-References: CVE-2026-33033 CVE-2026-33034 CVE-2026-3902 CVE-2026-4277 CVE-2026-4292 CVSS scores: CVE-2026-33033 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-33033 SUSE : 6....

CVSS 6.9 | AI score 5.8 | EPSS 0.00049
Exploits: 1
Tenable Nessus
added 2026/04/17 12:0 a.m. | 1 view

SUSE SLES12 Security Update : python-urllib3 (SUSE-SU-2026:1412-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1412-1 advisory. Security issues: - CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866. -...

CVSS 8.9 | AI score 5.9 | EPSS 0.00019
Exploits: 0 | References: 11
Redos
added 2026/04/17 12:0 a.m. | 2 views

ROS-20260417-73-0022

Vulnerability in python-PyPDF2 related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 8.7 | AI score 7.1 | EPSS 0.00076
Exploits: 0