Important: python3.12-wheel

Issue Overview: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.46.1 and below, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename...

OPENSUSE-SU-2026:10221-1 python311-3.11.14-4.1 on GA media

These are all security issues fixed in the python311-3.11.14-4.1 package on the GA media of openSUSE Tumbleweed...

Fedora 43 : python-pillow (2026-9f517a7495)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9f517a7495 advisory. Backport fix for CVE-2026-25990. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 42 : mingw-python3 (2026-c8b3418f91)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c8b3418f91 advisory. Backport fixes for CVE-2025-11468, CVE-2026-0672, CVE-2026-0865, CVE-2025-15282, CVE-2026-1299 Tenable has extracted the preceding description block...

OPENSUSE-SU-2026:10222-1 python312-3.12.12-5.1 on GA media

These are all security issues fixed in the python312-3.12.12-5.1 package on the GA media of openSUSE Tumbleweed...

Fedora: Security Advisory (FEDORA-2026-9f517a7495)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

📄 RuoYi 4.7.9 Advanced SQL Injection Exploitation Toolkit

This Python script is a sophisticated SQL injection exploitation tool that targets Java web applications specifically RuoYi framework, with additional remote code execution capabilities. The tool performs blind SQL injection attacks and includes multiple methods for escalating from SQL injection ...

python311-asgiref-3.11.1-1.1 on GA media (moderate)

python311-asgiref-3.11.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10216-1 Rating: moderate Cross-References: CVE-2025-14550 CVSS scores: CVE-2025-14550 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability c...

MAL-2026-932 Malicious code in easyreg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2897582bf6c0c29d4fc679ee338263019a8a5d5bcb66b5ae2c59454d6c967d6a The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...

MAL-2026-931 Malicious code in telebot-infe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 590d96b39de125e4d96c7b88fdc57ef5257eddbf8277011e51c84e1500302aaf The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

MAL-2026-930 Malicious code in telebot-info (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61aec9d37a402659928293fb6a151f72f9de1194a73a519f7e1595e5ed5b719b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

RHSA-2026:2728 Red Hat Security Advisory: python-urllib3 security update

Bulletin has no description...

RHSA-2026:2723 Red Hat Security Advisory: python-urllib3 security update

Bulletin has no description...

RHSA-2026:2718 Red Hat Security Advisory: python-urllib3 security update

Bulletin has no description...

RHSA-2026:2717 Red Hat Security Advisory: python-urllib3 security update

Bulletin has no description...

RHSA-2026:2713 Red Hat Security Advisory: python3 security update

Bulletin has no description...

RHSA-2026:2710 Red Hat Security Advisory: python3.12-wheel security update

Bulletin has no description...

SUSE-SU-2026:20490-1 Security update for protobuf

This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173...

SUSE-SU-2026:20482-1 Security update for python-pyasn1

This update for python-pyasn1 fixes the following issues: - CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902...

RLSA-2023:7050 Moderate: python38:3.8 and python38-devel:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...