
58120 matches found

Tenable Nessus
added 2026/03/13 12:0 a.m., 4 views

SUSE SLES15 Security Update : python-aiohttp (SUSE-SU-2026:0859-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0859-1 advisory. - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal...

CVSS 8.7, AI score 6, EPSS 0.00347
Exploits 0, References 23

Tenable Nessus
added 2026/03/13 12:0 a.m., 6 views

AlmaLinux 8 : python3.12 (ALSA-2026:4463)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4463 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...

CVSS 6, AI score 7.2, EPSS 0.0056
Exploits 0, References 6

RedhatCVE
added 2026/03/12 11:13 p.m., 2 views

CVE-2026-32274

A user input sanitization flaw has been discovered in the Black python code formatter. Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker...

CVSS 8.7, AI score 5.7, EPSS 0.00424
Exploits 0, References 7

vulnersOsv
added 2026/03/12 9:41 p.m., 1 view

acapy-agent (>=1.1.1 <=1.5.1rc1), acapy-agent-jamie-testing (=1.3.1rc1) +471 more potentially affected by CVE-2026-32597 via pyjwt (>=2.0.0 <=2.11.0)

pyjwt PYPI version =2.0.0, =1.1.1, =0.1.1, =0.1.31, =0.1.0, =0.5.0, =1.89.5, =0.1.0, =0.0.1, =0.1.59, =0.2.47, =24.12.0, =1.29.7, =1.37.0 - anote-generate =0.3.0 and more Source cves: CVE-2026-32597 Source advisory: SNYK:PYTHON-PYJWT-15518059...

CVSS 7.5, AI score 6.6, EPSS 0.00198
Exploits 1

OSV
added 2026/03/12 8:16 p.m., 2 views

DEBIAN-CVE-2026-32274

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 7.5, AI score 8.6, EPSS 0.00424
Exploits 0, References 1

NVD
added 2026/03/12 8:16 p.m., 2 views

CVE-2026-32274

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, EPSS 0.00424
Exploits 0, References 4

UbuntuCve
added 2026/03/12 8:16 p.m., 1 view

CVE-2026-32274

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, AI score 6, EPSS 0.00424
Exploits 0, References 3

OSV
added 2026/03/12 8:16 p.m., 1 view

UBUNTU-CVE-2026-32274

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, AI score 5.9, EPSS 0.00424
Exploits 0, References 4

Cvelist
added 2026/03/12 7:47 p.m., 27 views

CVE-2026-32274 Black: Arbitrary file writes from unsanitized user input in cache file name

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, EPSS 0.00424
Exploits 0, References 4

ATTACKERKB
added 2026/03/12 7:47 p.m., 3 views

CVE-2026-32274

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, AI score 5.9, EPSS 0.00424
Exploits 0, References 5, Affected Software 1

Vulnrichment
added 2026/03/12 7:47 p.m., 4 views

CVE-2026-32274 Black: Arbitrary file writes from unsanitized user input in cache file name

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, AI score 5.9, EPSS 0.00424
Exploits 0, References 4

CVE
added 2026/03/12 7:47 p.m., 21 views

CVE-2026-32274

CVE-2026-32274 affects the Black Python formatter prior to 26.3.1. The cache filename is derived from various formatting options, and the value of the --python-cell-magics option was included without sanitization, allowing an attacker who controls that value to write cache files to arbitrary file...

CVSS 8.7, AI score 5.9, EPSS 0.00424
Exploits 0, References 4, Affected Software 1

Debian CVE
added 2026/03/12 7:47 p.m., 5 views

CVE-2026-32274

Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...

CVSS 8.7, AI score 8.6, EPSS 0.00424
Exploits 0

vulnersOsv
added 2026/03/12 6:33 p.m., 2 views

apache-gravitino (>=1.2.0 <=1.2.1rc2), cloudquery-plugin-sdk (=0.1.52) +14 more potentially affected by CVE-2026-32274 via black (>=26.1.0 <=26.3.0)

black PYPI version =26.1.0, =1.2.0, =0.4.0, =0.2.2, =2.189.0, =0.12.0, =0.7.4, =0.8.0, =0.1.8, =2.54.8, =0.17.1, =1.2.1, =0.1.2, =0.1.3 and more Source cves: CVE-2026-32274 Source advisory: SNYK:PYTHON-BLACK-15518063...

CVSS 8.7, AI score 7.7, EPSS 0.00424
Exploits 0

Snyk
added 2026/03/12 6:33 p.m., 3 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization in the --python-cell-magics option when constructing cache file names. An attacker can write files to arbitrary locations on the file system by supplying crafted input. Details: A...

CVSS 8.7, AI score 6.3, EPSS 0.00424
Exploits 0, References 2

OSV
added 2026/03/12 6:33 p.m., 1 view

GHSA-3936-CMFR-PM3M Black: Arbitrary file writes from unsanitized user input in cache file name

Impact: Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the value of this argument to write cache files to arbitrary file...

CVSS 8.7, AI score 5.9, EPSS 0.00424
Exploits 0, References 6

Github Security Blog
added 2026/03/12 6:33 p.m., 9 views

Black: Arbitrary file writes from unsanitized user input in cache file name

Impact: Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the value of this argument to write cache files to arbitrary file...

CVSS 8.7, AI score 5.9, EPSS 0.00424
Exploits 0, References 6, Affected Software 1

EUVD
added 2026/03/12 6:32 p.m., 4 views

EUVD-2026-11607

multipart vulnerable to ReDoS in parseoptionsheader...

CVSS 7.5, AI score 5.8, EPSS 0.00392
Exploits 0, References 2

OSV
added 2026/03/12 6:1 p.m., 5 views

RLSA-2026:4463 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 7.1, AI score 7.4, EPSS 0.0056
Exploits 0, References 5

Rockylinux
added 2026/03/12 6:1 p.m., 6 views

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

CVSS 6, AI score 5.8, EPSS 0.0056
Exploits 0