python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

Malicious code in collects (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fc7f98d0c4c092f4eb4a73240f8c7a5df90717853ee408fefa9eeb09a41d2cae Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

MAL-2026-1341 Malicious code in collects (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fc7f98d0c4c092f4eb4a73240f8c7a5df90717853ee408fefa9eeb09a41d2cae Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

RHSA-2026:4168 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

RHSA-2026:4165 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

CLSA-2026-1773222843 python3: Fix of 2 CVEs

CVE-2025-15366: reject control characters in IMAP commands - CVE-2026-1299: email: verify headers are sound in BytesGenerator...

MAL-2026-1339 Malicious code in anontest123 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f4d47757d3ee2d0dde7ed82934a06bf64343c344a7b090cf77f05dcd73f813a5 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in safetest123 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 697641cf873581d63edc257a57ab2bef9e6662b8c6afbe7917fef190e539df39 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-1340 Malicious code in safetest123 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 697641cf873581d63edc257a57ab2bef9e6662b8c6afbe7917fef190e539df39 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

python3.11 security update

3.11.13-5.1.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143104 RHEL-143167 RHEL-144890...

The Unofficial and Awesome Home Assistant MCP Server 跨站脚本漏洞

The Unofficial and Awesome Home Assistant MCP Server is an open-source component of the Unofficial Home Assistant AI Toolkit, designed to connect smart home platforms with AI assistants. Versions of the Unofficial and Awesome Home Assistant MCP Server prior to version 7.0.0 contained a cross-site...

Dynamic Python Payload Encryption Framework with Loader Generator

This Python program implements a small payload framework designed to encrypt, decrypt, analyze, and execute Python code using layered encoding and obfuscation techniques. It also automatically generates a self‑contained loader capable of restoring and executing the protected payload...

Multi‑Layer Encrypted Python Payload Loader AES‑GCM + XOR + Zlib

This Python script acts as a loader that decrypts and executes a protected Python payload using multiple cryptographic and obfuscation layers. The program first requests a password from the user and derives a 256‑bit encryption key using PBKDF2 with a fixed salt salt123. The encrypted payload is...

openSUSE 15 Security Update : python-Markdown (SUSE-SU-2026:0846-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:0846-1 advisory. This update for python-Markdown fixes the following issue: - CVE-2025-69534: incomplete markup declaration in raw HTML can crash applications that process...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Flask (SUSE-SU-2026:0849-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0849-1 advisory. This update for python-Flask fixes the following issue: - CVE-2026-27205: information disclosure due to...

Multi‑Layer Python Payload Encryptor, Decryptor, and Loader Generator

This Python program is a utility designed to encrypt, decrypt, and package Python payloads using multiple layers of encoding and obfuscation. It provides a simple command‑line menu that allows users to convert a Python script into an encoded payload and automatically generate a loader that can...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-aiohttp (SUSE-SU-2026:0858-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0858-1 advisory. - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226:...

AlmaLinux 9 : python3.12 (ALSA-2026:4165)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4165 advisory. cpython: IMAP command injection in user-controlled commands CVE-2025-15366 cpython: POP3 command injection in user-controlled commands CVE-2025-15367...

RockyLinux 9 : python3.9 (RLSA-2026:4168)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4168 advisory. cpython: IMAP command injection in user-controlled commands CVE-2025-15366 cpython: POP3 command injection in user-controlled commands CVE-2025-15367...

Oracle Linux 9 : python3.12 (ELSA-2026-4165)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4165 advisory. 3.12.12-4.0.1.el97.1 - Remove upstream URL reference 3.12.12-4.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299...