python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

MAL-2026-2519 Malicious code in just4testlm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5aed012f2ecc4af261bb7f2fc294b9aee5c0733ccf207b9e9e9a381d51387811 The package likely tests different malicious techniques and delivering payload in setup.py. Different versions, like 0.1.0, 0.4.0 or 0.9.0 contain malicious...

[SECURITY] Fedora 42 Update: python-pydicom-3.0.2-1.fc42

pydicom is a pure python package for working with DICOM files. It was made for inspecting and modifying DICOM data in an easy "pythonic" way. The modifications can be written again to a new file. pydicom is not a DICOM server, and is not primarily about viewing images. It is designed to let you...

[SECURITY] Fedora 43 Update: python-biopython-1.87-1.fc43

A set of freely available Python tools for computational molecular biology...

[SECURITY] Fedora 43 Update: python-pydicom-3.0.2-1.fc43

pydicom is a pure python package for working with DICOM files. It was made for inspecting and modifying DICOM data in an easy "pythonic" way. The modifications can be written again to a new file. pydicom is not a DICOM server, and is not primarily about viewing images. It is designed to let you...

RockyLinux 9 : python3.9 (RLSA-2026:6766)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6766 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...

OPENSUSE-SU-2026:10516-1 python311-Django4-4.2.30-1.1 on GA media

These are all security issues fixed in the python311-Django4-4.2.30-1.1 package on the GA media of openSUSE Tumbleweed...

openSUSE Security Advisory (SUSE-SU-2026:1206-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4523-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:1192-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python311-lupa-2.7-1.1 on GA media (moderate)

python311-lupa-2.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:10507-1 Rating: moderate Cross-References: CVE-2026-34444 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

Fedora 43 : python-biopython (2026-2953954ff3)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2953954ff3 advisory. - Release 1.87 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Vulnerability Detection with Interprocedural Context in Multiple Languages: Assessing Effectiveness and Cost of Modern LLMs

Large Language Models LLMs have been a promising way for automated vulnerability detection. However, most prior studies have explored the use of LLMs to detect vulnerabilities only within single functions, disregarding those related to interprocedural dependencies. These studies overlook...

SUSE: Security Advisory (SUSE-SU-2026:1192-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-f89e555af4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2026:10520-1 python310-3.10.20-4.1 on GA media

These are all security issues fixed in the python310-3.10.20-4.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10521-1 python312-3.12.13-5.1 on GA media

These are all security issues fixed in the python312-3.12.13-5.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-31754

Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system CVE: CVE-2026-33793 PT ID: PT-2026-31754 Vendor: Juniper networks Product: Junos OS CVSS: 7.8 Credits: n/a Description: An Execution with Unnecessary...

RHEL 10 : python3.12 (RHSA-2026:7244)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7244 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...