58096 matches found
Oracle Linux 8 : python3 (ELSA-2026-5588)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5588 advisory. 3.6.8-74.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-74 - Security fix for...
RHEL 8 : python3 (RHSA-2026:5588)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5588 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
OPENSUSE-SU-2026:10417-1 python311-deepdiff-8.6.2-1.1 on GA media
These are all security issues fixed in the python311-deepdiff-8.6.2-1.1 package on the GA media of openSUSE Tumbleweed...
Fedora 42 : python-diskcache (2026-9e5037f4e6)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9e5037f4e6 advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora: Security Advisory (FEDORA-2026-9e5037f4e6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-319d85836c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious code in rowrapee (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 398cfbdac2d3602a5c9836408942993c3f2bbcda911184825f01cf9937fb035e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...
Malicious code in roboat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...
MAL-2026-2121 Malicious code in roboat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...
Embedded Malicious Code
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Embedded Malicious Code. Vulnerable releases of this package were compromised with malicious code that conceals a multi-stage credential stealer and persistent backdoor. A...
EUVD-2026-14478
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads...
cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
Summary - The cbor2 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. - This vulnerability affects both the pure Python implementation and the C extension cbor2. The C extension correctly uses Python's C-API for...
GHSA-3C37-WWVX-H642 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
Summary - The cbor2 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. - This vulnerability affects both the pure Python implementation and the C extension cbor2. The C extension correctly uses Python's C-API for...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
ai-box-lib (>=0.1.0 <=0.1.9), aligned-py (>=0.1.0 <=0.2.0a0) +80 more potentially affected by CVE-2026-26209 via cbor2 (>=5.0.1 <=5.8.0)
cbor2 PYPI version =5.0.1, =0.1.0, =0.1.0, =0.13.0, =0.5.5.post5, =0.5.5.post4, =0.2.0, =0.10.6, =0.7.1a0, =0.1.0, =2.0.1, =1.0.0, =0.0.1, =0.0.5 and more Source cves: CVE-2026-26209 Source advisory: SNYK:PYTHON-CBOR2-15762225...
CVE-2026-26209
The CVE-2026-26209 issue affects the Python library cbor2 (including the C extension _cbor2) prior to version 5.9.0. The root cause is uncontrolled recursion when decoding deeply nested CBOR structures, as the C extension relies on Python’s Py_EnterRecursiveCall rather than a data-driven depth li...
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...