Security update for python-PyPDF2 (important)
openSUSE security update: security update for python-pypdf2. Announcement ID: openSUSE-SU-2026:20333-1. Rating: important. References: bsc1248089 bsc1258691 bsc1258692 bsc1258693 bsc1258934 bsc1258940. Cross-References: CVE-2025-55197...
Security update for python-uv (important)
openSUSE security update: security update for python-uv. Announcement ID: openSUSE-SU-2026:20330-1. Rating: important. References: bsc1258993. Cross-References: CVE-2025-13327. CVSS scores: CVE-2025-13327 SUSE: 8.8...
Fedora 44 : python3.11 (2026-91d3384f04)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-91d3384f04 advisory. Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367. Tenable has extracted the preceding description block directly fr...
Fedora 42 : python3.11 (2026-8fa5a66a49)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8fa5a66a49 advisory. Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367. Tenable has extracted the preceding description block directly fr...
Fedora 42 : python3.10 (2026-ef5d97522f)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ef5d97522f advisory. Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367. Tenable has extracted the preceding description block directly fr...
Fedora 44 : python3.10 (2026-48d2e7135b)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-48d2e7135b advisory. Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-15367. Tenable has extracted the preceding description block directly fr...
Fedora 44 : python3.9 (2026-14a63ba868)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-14a63ba868 advisory. Security fixes for CVE-2026-1299, CVE-2026-0865, CVE-2025-15366 and CVE-2025-1536 Tenable has extracted the preceding description block directly fro...
acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9), airflow-dbt-python (=2.1.0) +49 more potentially affected by CVE-2026-29790 via dbt-common (>=1.0.0b2 <=1.33.0)
dbt-common PYPI version =1.0.0b2, =0.1.7, =0.1.5, =0.21.7, =0.0.1rc1, =0.1.0a1, =1.0.9, =1.8.0, =1.5.2, =1.8.0, =1.8.0, =1.8.15 and more Source cves: CVE-2026-29790 Source advisory: SNYK:PYTHON-DBTCOMMON-15440507...
AZL-79640 CVE-2026-27142 affecting package python-tensorboard 2.16.2-6
Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...
AZL-79637 CVE-2026-27142 affecting package python-tensorboard 2.11.0-3
Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...
OPENSUSE-SU-2026:20333-1 Security update for python-PyPDF2
This update for python-PyPDF2 fixes the following issues:
Changes in python-PyPDF2:
- CVE-2026-27628: Fixed infinite loop when loading circular /Prev entries in cross-reference streams (bsc1258940)
- CVE-2026-27888: Fixed issue where manipulated FlateDecode XFA streams can exhaust RAM (bsc1258934)
- ...
Malicious code in flowfix (PyPI)
Source: kam193 (77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137). The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...
SUSE-SU-2026:0846-1 Security update for python-Markdown
This update for python-Markdown fixes the following issue: - CVE-2025-69534: incomplete markup declaration in raw HTML can crash applications that process untrusted Markdown bsc1259256...
python: protobuf: Protobuf: Denial of Service due to recursion depth bypass
A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.json_format.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...
OPENSUSE-SU-2026:20330-1 Security update for python-uv
This update for python-uv fixes the following issue: - CVE-2025-13327: parsing differentials when processing specially crafted ZIP archives during package installation can lead to arbitrary code execution bsc1258993...
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RAT) payloads that correspond to XWorm, AsyncRAT, and Xeno RAT. The stealthy attack chain has been codenamed VOID#GEIST by...
Malicious code in python-requirements (PyPI)
Source: kam193 (40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d). The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
Malicious code in fastapi-requests (PyPI)
Source: kam193 (8e414a858711540d25b63ced50114d396e150157b65a70056beccc38948a4199). The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available...
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding itself in several U.S. companies' networks, including banks, airports, non-profit, and the Israeli arm of a software company. The activity has been attributed to...
RHSA-2026:3897 Red Hat Security Advisory: python3.12 security update
Bulletin has no description...