SUSE-SU-2026:1400-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: - CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616...

MAL-2026-2812 Malicious code in requests-test-test44 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in requests-testik11 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in requests-test-test44 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2026-2813 Malicious code in requests-testik11 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in requests-test-test3 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2026-2810 Malicious code in requests-test-test2 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in requests-test-test2 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in bombonsec-test-123 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2026-2809 Malicious code in bombonsec-test-123 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

SUSE-SU-2026:1389-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: - CVE-2026-32597: Fixed unknown crit header extensions accepts bsc1259616...

Malicious code in robase-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 32170773fbd5fab5b2494de72ce601e7b43d9b5c21f36b9bc26a6ada40024de6 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2699 Malicious code in robase-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 32170773fbd5fab5b2494de72ce601e7b43d9b5c21f36b9bc26a6ada40024de6 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

angr (>=9.2.187 <=9.2.217), angr-management (>=9.2.187 <=9.2.217) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)

uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...

LangSmith SDK: Streaming token events bypass output redaction

Summary The LangSmith SDK's output redaction controls hideOutputs in JS, hideoutputs in Python do not apply to streaming token events. When an LLM run produces streaming output, each chunk is recorded as a newtoken event containing the raw token value. These events bypass the redaction pipeline...

a-data-processing (=0.0.1), a-mailx (=0.1.0) +1491 more potentially affected by CVE-2026-41182 via langsmith (>=0.0.10 <=0.7.21)

langsmith PYPI version =0.0.10, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =0.1.0, =0.1.1, =2.1.7, =2.1.8 - agent-builder =0.0.1 and more Source cves: CVE-2026-41182 Source advisory: SNYK:PYTHON-LANGSMITH-16082038...

[SECURITY] Fedora 42 Update: python-cairosvg-2.9.0-1.fc42

CairoSVG is a SVG 1.1 to PNG, PDF, PS and SVG converter which can also be used as a Python library...

[SECURITY] Fedora 43 Update: python-cairosvg-2.9.0-1.fc43

CairoSVG is a SVG 1.1 to PNG, PDF, PS and SVG converter which can also be used as a Python library...

[SECURITY] Fedora 43 Update: pypy-7.3.21-8.fc43

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...