MAL-2026-2399 Malicious code in flycalc (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in privaton-beacon-img-8f3603448690bdde-png (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9 This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name...

MAL-2026-2201 Malicious code in privaton-beacon-img-8f3603448690bdde-png (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9 This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name...

Malicious code in litellm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 6a89401cbf53902e8374fbf3b424a77bb5e5f8c437176232eab7c3237d10ecbe LiteLLM was compromised through trivy security scan in a GitHub workflow. Attackers uploaded malicious versions of LiteLLM to PyPI. The...

MAL-2026-2144 Malicious code in litellm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 6a89401cbf53902e8374fbf3b424a77bb5e5f8c437176232eab7c3237d10ecbe LiteLLM was compromised through trivy security scan in a GitHub workflow. Attackers uploaded malicious versions of LiteLLM to PyPI. The...

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

python: cpython: URL parser allowed square brackets in domain names

A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs...

RHSA-2026:5393 Red Hat Security Advisory: python security update

Bulletin has no description...

RHSA-2026:5399 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

SUSE-SU-2026:20821-1 Security update for python-pyasn1

This update for python-pyasn1 fixes the following issue: - CVE-2026-30922: Denial of Service via Unbounded Recursion bsc1259803...

MAL-2026-2124 Malicious code in mgrcfg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb9b6975940ff31a6a0f6361fd93d8d361a3687103c94c011a6fdf510a2fdec The code exfiltrates content copied to clipboard content to a hardcoded location. The code is obfuscated and has a persistence mechanism. --- Category: MALICIO...

[SECURITY] Fedora 42 Update: python-diskcache-5.6.3-12.fc42

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

[SECURITY] Fedora 43 Update: python-diskcache-5.6.3-12.fc43

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

SUSE CVE-2026-33154

dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection SSTI due to unsafe template evaluation in the @Jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions embedded in...

[SECURITY] Fedora 44 Update: python-diskcache-5.6.3-12.fc44

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

Alibaba Cloud Linux 3 : 0061: python3.11 (ALINUX3-SA-2026:0061)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0061 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-15366: The imaplib module, when...

python3 security update

3.6.8-74.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-74 - Security fix for CVE-2025-0938 Resolves: RHEL-153235...

OPENSUSE-SU-2026:10418-1 python311-jsonpath-ng-1.8.0-1.1 on GA media

These are all security issues fixed in the python311-jsonpath-ng-1.8.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10416-1 python313-PyMuPDF-1.27.2.2-1.1 on GA media

These are all security issues fixed in the python313-PyMuPDF-1.27.2.2-1.1 package on the GA media of openSUSE Tumbleweed...

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...