Exploit for CVE-2025-4138

CVE-2025-4138 / CVE-2025-4517Python tarfile Filter Bypass via PA...

MAL-2026-904 Malicious code in strands-agents-anthropic (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b86e2f5ba17218d5e9377627cc2c437009cc3dc7c6615c87b8317995614288c6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

ExploitReaper

Exploit Reaper...

Debian dsa-6136 : python-django-doc - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6136 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6136-1 [email protected] https://www.debian.org/securit...

python314-3.14.3-1.1 on GA media (moderate)

python314-3.14.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10206-1 Rating: moderate Cross-References: CVE-2025-12781 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367 CVE-2026-0672 CVE-2026-0865 CVE-2026-1299 CVSS scores: CVE-2025-12781 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N...

DSA-6136-1 python-django - security update

Bulletin has no description...

openSUSE 16 Security Update : python-pip (openSUSE-SU-2026:20202-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20202-1 advisory. - CVE-2026-1703: files may be extracted outside the installation directory when installing and extracting maliciously crafted wheel archives bsc1257599...

Exploit for CVE-2025-2304

🚀 CVE-2025-2304 - Simple Privilege Escalation Tool 📦 Downl...

Exploit for CVE-2025-1234

CVE-2025-1234-RSA-Key-Validation-Bypass A flaw in a popular RS...

ARGUS

ARGUS - All-seeing Recon & General Unified Security...

Malicious code in crc32fast (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b89c674974bf58c7388a27bf1c6ea954a890de45a3e9ba4830c1eada3a3ea6a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-902 Malicious code in crc32fast (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b89c674974bf58c7388a27bf1c6ea954a890de45a3e9ba4830c1eada3a3ea6a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-901 Malicious code in platforms (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 152f27ebcd7a8c662ffcbfe69086e0a50e71f73993bc7d97ce3bb67896c8a4dc During importing, the code automatically starts a Telegram bot designed to download and save files locally upon a specific message in the channel. While this...

[SECURITY] Fedora 43 Update: python-aiohttp-3.13.3-4.fc43

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...

Fedora 43 : python-aiohttp (2026-66cb8ecfc2)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-66cb8ecfc2 advisory. https://github.com/aio-libs/aiohttp/blob/v3.13.3/CHANGES.rst Tenable has extracted the preceding description block directly from the Fedora security advisory...

python310-3.10.19-4.1 on GA media (moderate)

python310-3.10.19-4.1 on GA media Announcement ID: openSUSE-SU-2026:10200-1 Rating: moderate Cross-References: CVE-2025-11468 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367 CVE-2026-0672 CVE-2026-0865 CVSS scores: CVE-2025-11468 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2025-11468...

Security update for python-pip (low)

openSUSE security update: security update for python-pip ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20202-1 Rating: low References: bsc1257599 Cross-References: CVE-2026-1703 CVSS scores: CVE-2026-1703 SUSE : 3.1...

Security update for python-aiohttp, python-Brotli (important)

openSUSE security update: security update for python-aiohttp, python-brotli ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20204-1 Rating: important References: bsc1246517 bsc1254867 bsc1256017 bsc1256018 bsc1256019 bsc1256020 bsc1256021 bsc1256022...

OPENSUSE-SU-2026:10205-1 python311-cryptography-46.0.5-1.1 on GA media

These are all security issues fixed in the python311-cryptography-46.0.5-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-26216

Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec. The import builtin was included in the allowed builtins, allowing unauthenticated remote...