Fedora 42 : python3.11 (2026-2cca15998f)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2cca15998f advisory. Update to 3.11.15 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-kdcproxy (UTSA-2026-006138)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006138 advisory. If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-006147)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006147 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded...

Fedora 44 : python3.10 (2026-ec79778b27)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ec79778b27 advisory. Update to 3.10.20 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 42 : python3.10 (2026-66ae29ad2c)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-66ae29ad2c advisory. Update to 3.10.20 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora 44 : pcs (2026-015b33238d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-015b33238d advisory. - Rebased pcs to the newest major version see CHANGELOG.md - Updated standalone web UI and HA Cluster Management Cockpit application to pcs-web-ui 0.1.24.2 s...

Fedora 43 : pcs (2026-88c901f6a2)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88c901f6a2 advisory. - Rebased pcs to the newest major version see CHANGELOG.md - Updated standalone web UI and HA Cluster Management Cockpit application to pcs-web-ui 0.1.24.2 s...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-006152)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006152 advisory. When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgradi...

CLSA-2026-1773480241 python: Fix of CVE-2025-12084

CVE-2025-12084: fix quadratic algorithm when building nested XML elements with appendChild...

Hellxss

██╗ ██╗███████╗██╗ ██╗ ██╗ ██╗███████╗███████╗ █...

CLSA-2026-1773481701 python3.9: Fix of CVE-2025-6075

CVE-2025-6075: fix quadratic complexity in os.path.expandvars...

CLSA-2026-1773480954 python3.9: Fix of CVE-2025-6075

CVE-2025-6075: fix quadratic complexity in os.path.expandvars...

Arbitrary File Write

Black is vulnerable to Arbitrary File Write. The vulnerability is due to improper sanitization of the --python-cell-magics option when constructing cache file names, allowing attackers to manipulate the file path and write cache files to arbitrary locations on the filesystem...

MGASA-2026-0057 Updated python-nltk packages fix security vulnerability

Path Traversal in nltk/nltk. CVE-2026-0847...

Updated python-nltk packages fix security vulnerability

Path Traversal in nltk/nltk. CVE-2026-0847...

[SECURITY] Fedora 44 Update: python-gstreamer1-1.28.1-1.fc44

This module contains PyGObject overrides to make it easier to write applications that use GStreamer 1.x in Python...

OPENSUSE-SU-2026:10373-1 python311-simpleeval-1.0.5-1.1 on GA media

These are all security issues fixed in the python311-simpleeval-1.0.5-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE SLES12 Security Update : python (SUSE-SU-2026:0891-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0891-1 advisory. This update for python fixes the following issue: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in...

aap-client-python (>=0.1.1 <=0.1.3), abdelrahman-obfuscate (>=1.0.0 <=1.0.1) +1216 more potentially affected by CVE-2026-32597 via pyjwt (>=0.2.1 <=2.11.0)

pyjwt PYPI version =0.2.1, =0.1.1, =1.0.0, =2.0.0, =1.1.1, =0.8.44.4, =0.1.1, =0.1.1, =0.1.31, =0.1.0, =0.5.0, =0.7.1rc2 and more Source cves: CVE-2026-32597 Source advisory: OSV:GHSA-752W-5FWX-JX9F...

article-extract (>=0.1.2 <=0.1.3), athlinks-races (>=0.0.4 <=0.0.7) +51 more potentially affected by unknown CVE via scrapy (>=1.4.0 <=2.14.1)

scrapy PYPI version =1.4.0, =0.1.2, =0.0.4, =3.4.0, =2.8.3, =0.0.1.dev1, =1.3.0, =1.2.1.20160901, =0.2.0, =0.0.5, =0.2.4, =0.0.2, =0.3.0a0, =0.0.20, =0.0.34 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-SCRAPY-15624315...