Malicious code in troncloud (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c123c7a348b5856fcedbadf1312d14b224c100c7138bfeeb3eff610fbf9dc12 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

MAL-2026-894 Malicious code in troncloud (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c123c7a348b5856fcedbadf1312d14b224c100c7138bfeeb3eff610fbf9dc12 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

SUSE-SU-2026:20352-1 Security update for protobuf

This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173...

Malicious code in acpi-tables (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7388183e13e400f894ed9f6f93e05049f6f4719b1610d7c26a8b52bf88901266 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

RHSA-2026:1959 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (python-eventlet) security update

Bulletin has no description...

CLEANSTART-2026-WV76464 libexpat in Expat before 2

Multiple security vulnerabilities affect the python3 package. libexpat in Expat before 2. See references for individual vulnerability details...

SUSE CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

SUSE: Security Advisory (SUSE-SU-2026:0424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:0440-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:0424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:0423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 8 : python3.12 (ALSA-2026:2419)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2419 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 Tenable has extracted the preceding description block directly from the AlmaLinux security...

SUSE SLES15 / openSUSE 15 Security Update : python-wheel (SUSE-SU-2026:0460-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0460-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Tenable has...

OPENSUSE-SU-2026:10200-1 python310-3.10.19-4.1 on GA media

These are all security issues fixed in the python310-3.10.19-4.1 package on the GA media of openSUSE Tumbleweed...

MiracleLinux 8 : brotli-1.0.6-4.el8_10.ML.1 (AXSA:2026-176:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-176:02 advisory. Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS CVE-2025-6176 Tenable has extracted the preceding description block directly from the...

n8n Node.js Package 2.x < 2.4.8 Python Sandbox Escape (CVE-2026-25115)

The version of the n8n Node.js Package installed on the remote host is 2.x prior to 2.4.8. It is, therefore, affected by a remote code execution vulnerability: - A vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code...

MiracleLinux 8 : python3.12-3.12.12-2.el8_10 (AXSA:2026-167:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-167:07 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 Tenable has extracted the preceding description block directly from the MiracleLinux...

OPENSUSE-SU-2026:10198-1 python311-Pillow-12.1.1-1.1 on GA media

These are all security issues fixed in the python311-Pillow-12.1.1-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE: Security Advisory (SUSE-SU-2026:0430-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : python-azure-core (SUSE-SU-2026:0476-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0476-1 advisory. - CVE-2026-21226: Fixed deserialization of untrusted data which may allow an authorized attacker to execute code over a networ...