Fedora 42 : python3.15 (2026-e7dc1a8950)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e7dc1a8950 advisory. A new prerelease of Python 3.15 with fixes to several CVEs. Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 43 : python3.15 (2026-e2ada1fa1e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e2ada1fa1e advisory. New prerelease of Python 3.15, containing fixes to a few CVEs. Tenable has extracted the preceding description block directly from the Fedora securi...

RockyLinux 8 : python3 (RLSA-2026:11077)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:11077 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

MAL-2026-4285 Malicious code in polydata-analytics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04c2f2ae400ee7411678735073e22d4c662de5653a4add84eaca159ed0ba004a Package self-describes as a Polymarket market-data analytics tool but ships a Windows clipboard monitor src/polymarketdatafetcher/clipper/winclip.py...

MAL-2026-4678 Malicious code in sysnode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1f5d271eb72dffa8868b2701aeb4aa7799ee9d7294f342e14682b6675114077 Package self-describes as a 'System binary configuration tool' but on invocation CLI/bin entry or require it silently bootstraps a full surveillance...

Malicious code in sysnode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1f5d271eb72dffa8868b2701aeb4aa7799ee9d7294f342e14682b6675114077 Package self-describes as a 'System binary configuration tool' but on invocation CLI/bin entry or require it silently bootstraps a full surveillance...

Malicious code in whatsfly-labfox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44d4a24d293f810bd11587936b79a835fb0671b7af961328f836d57c7b0c4514 Runtime observations from install-time sandbox execution of the package...

sql-injection

sql-injection python tool that...

[SECURITY] Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43

pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...

[SECURITY] Fedora 43 Update: python-requests-2.33.1-1.fc43

Most existing Python modules for sending HTTP requests are extremely verbose and cumbersome. Python=E2=80=99s built-in urllib2 module provides most of the HTTP capabilities you should need, but the API is thoroughly broken. This library is designed to make HTTP requests easy for developers...

PT-2026-42910

Name of the Vulnerable Software and Affected Versions NousResearch hermes-agent versions prior to 2026.4.24 Description A weakness in the Messaging Gateway Handler component allows for remote information disclosure. The issue is located within the make run env function in the...

Malicious Package

Overview eth-security-auditor is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package was linked to a supply chain attack and contained code designed to steal developer secrets, crypto wallets, SSH keys, and cloud...

Malicious Package

Overview solidity-build-guard is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package was linked to a supply chain attack and contained code designed to steal developer secrets, crypto wallets, SSH keys, and cloud...

Malicious Package

Overview defi-risk-scanner is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package was linked to a supply chain attack and contained code designed to steal developer secrets, crypto wallets, SSH keys, and cloud...

Malicious Package

Overview cryptowallet-safety is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package was linked to a supply chain attack and contained code designed to steal developer secrets, crypto wallets, SSH keys, and cloud...

[SECURITY] Fedora 42 Update: python3.15-3.15.0~b1-1.fc42

Python 3.15 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.15 package provides the "python3.15" executable:...

[SECURITY] Fedora 43 Update: python3.15-3.15.0~b1-1.fc43

Python 3.15 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.15 package provides the "python3.15" executable:...

CVE-2026-7246 affecting package python-click for versions less than 8.1.7-3

CVE-2026-7246 affecting package python-click for versions less than 8.1.7-3. A patched version of the package is available...

[SECURITY] Fedora 44 Update: python3.15-3.15.0~b1-1.fc44

Python 3.15 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.15 package provides the "python3.15" executable:...

python311-impacket-0.13.1-1.1 on GA media (moderate)

python311-impacket-0.13.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10837-1 Rating: moderate Cross-References: CVE-2025-33073 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...