AZL-79413 CVE-2026-2297 affecting package python3 3.9.19-19

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

DEBIAN-CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

AZL-79457 CVE-2026-2297 affecting package python3 3.12.9-9

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

UBUNTU-CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

Insufficient Logging

Overview Affected versions of this package are vulnerable to Insufficient Logging in the FileLoader class that incorrectly handles legacy SourcelessFileLoader for .pyc files. An attacker can bypass logging mechanisms sys.audit by crafting or manipulating .pyc files to avoid detection or auditing...

agentstack-cli (>=0.4.0 <=0.6.2rc6), aieng-platform-onboard (>=0.5.0 <=0.6.1) +89 more potentially affected by CVE-2026-28802 via authlib (>=1.6.0 <=1.6.6)

authlib PYPI version =1.6.0, =0.4.0, =0.5.0, =0.9.5, =0.19.0, =0.38.0, =0.1.0, =0.1.0, =0.1.0, =1.7.0, =0.1.1rc22, =0.1.0, =0.7.0, =0.2.19, =0.5.24 and more Source cves: CVE-2026-28802 Source advisory: SNYK:PYTHON-AUTHLIB-15425813...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +935 more potentially affected by CVE-2026-0847 via nltk (>=2.0.4 <=3.9.2)

nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: OSV:PYSEC-2026-98...

01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +933 more potentially affected by CVE-2026-0847 via nltk (>=3.0.0 <=3.9.2)

nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0847 Source advisory: SNYK:PYTHON-NLTK-15460762...

CLSA-2026-1772646053 python3: Fix of CVE-2025-12084

CVE-2025-12084: Prevent quadratic-time behavior when building excessively nested XML elements...

python: Fix of CVE-2025-8194

CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative...

CLSA-2026-1772577130 python: Fix of CVE-2025-8194

CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative...

MAL-2026-1240 Malicious code in requests-ml-min (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 caf988849523549406a61384e2c9f8e01d6edf3ad71e5cba77ca7c3987863f1d During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...

CVE-2026-25673

A flaw was found in Django. A remote attacker can exploit a vulnerability in the URLField.topython function, specifically when Django is running on the Windows platform. This function, which utilizes urllib.parse.urlsplit, performs a disproportionately slow normalization process for certain Unico...

Exploit for CVE-2016-10555

██╗██╗ ██╗████████╗ ███████╗ ██████╗ ██████╗ ███...

Security update for python-pip

This update for python-pip fixes the following issues: CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

SUSE-SU-2026:0805-1 Security update for python-pip

This update for python-pip fixes the following issues: - CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599...

Security update for python

This update for python fixes the following issues: CVE-2024-7592: excess CPU resource consumption in http.cookies module bsc1229596 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...