RockyLinux 8 : python3.12 (RLSA-2026:6283)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6283 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1)

The version of AOS installed on the remote host is prior to 7.5.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1 advisory. - A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library...

Fedora: Security Advisory (FEDORA-2026-1e87d53608)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-ff5da930eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MAL-2026-2494 Malicious code in databasetapes (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d859d21aa59dfad2efc5c2f98253cd1cc808621fb3b7525037c104324e27dfe8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

PyBlade: SSTI/RCE via Bypassed AST Validation in sandbox.py

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...

CVE-2026-5559

AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha is affected by a vulnerability in sandbox.py:_is_safe_ast within the AST Validation component. The flaw enables improper neutralization of special elements in the template engine, with remote-exploitation potential. Exploit has been disclosed publicl...

[SECURITY] Fedora 42 Update: mingw-python3-3.11.15-2.fc42

MinGW Windows python3...

[SECURITY] Fedora 43 Update: mingw-python3-3.11.15-2.fc43

MinGW Windows python3...

AgenticSeek 代码注入漏洞

AgenticSeek is a localized AI assistant developed by Martin himself. Version 0.1.0 of AgenticSeek has a code injection vulnerability. This vulnerability stems from incorrect operations on the PyInterpreter.execute function in the sources/tools/PyInterpreter.py file, which may lead to code injecti...

openSUSE 16 Security Update : python-Pillow (openSUSE-SU-2026:20458-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20458-1 advisory. - CVE-2026-25990: Fixed an out-of-bounds write when opening a specially crafted PSD image. bsc1258125 Tenable has extracted the preceding description...

Fedora 43 : mingw-python3 (2026-22d8c9f967)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-22d8c9f967 advisory. Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 ---- Update to python-3.11.15. Tenable has...

Fedora 42 : python3.12 (2026-e8c06584a9)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e8c06584a9 advisory. Security fix for CVE-2026-4519. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 42 : python3.14 (2026-ba6745d242)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ba6745d242 advisory. Security fix for CVE-2026-4519 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Cross browser fingerprinting SQL注入漏洞

Cross browser fingerprinting is a cross-browser user tracking fingerprint library developed by Song Li as an individual developer. Cross browser fingerprinting has a SQL injection vulnerability, which stems from incorrect handling of parameter IDs in the flask/uniquemachineapp.py file. This...

Fedora 42 : python3.13 (2026-49aedae50d)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49aedae50d advisory. Security fix for CVE-2026-4519. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Debian dsa-6195 : python-tornado-doc - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6195 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6195-1 [email protected] https://www.debian.org/securit...

AlmaLinux 8 : python3 (ALSA-2026:6473)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:6473 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly from...

Linux Distros Unpatched Vulnerability : CVE-2026-34591

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without...

Fedora 42 : mingw-python3 (2026-ff5da930eb)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ff5da930eb advisory. Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 ---- Update to python-3.11.15. Tenable has...