58136 matches found
SUSE-SU-2026:0424-1 Security update for python-wheel
This update for python-wheel fixes the following issues: - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100...
Security update for python-brotlipy
This update for python-brotlipy fixes the following issues: Add max length decompression bsc1254867, bsc1256017 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...
SUSE-SU-2026:0423-1 Security update for python-brotlipy
This update for python-brotlipy fixes the following issues: - Add max length decompression bsc1254867, bsc1256017...
Malicious code in jsonconfig-utils (PyPI)
Source: kam193 883897a307b53ac17e981eac46b8d6f8c31d88fc2628c6d57c5f7f191ed84b81 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...
Syntecxhub_SQLi_Scanner
SyntecxhubSQLiScanner How do we ensure web applications are...
CVE-2026-25528
LangSmith Client SDKs provide SDKs for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers. An attacker can inject arbitrary apiurl values through the baggage header, causing the SDK to...
[SECURITY] Fedora 42 Update: uv-0.9.30-2.fc42
An extremely fast Python package and project manager, written in Rust. Highlights: • A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twine, virtualenv, and more. • 10-100x faster than pip. • Provides comprehensive project management, with a universal lockf...
[SECURITY] Fedora 42 Update: mirrorlist-server-3.0.8-3.fc42
The mirrorlist-server uses the data created by MirrorManager2 https://github.com/fedora-infra/mirrormanager2 to answer client requests for the "best" mirror. This implementation of the mirrorlist-server is written in Rust. The original version of the mirrorlist-server was part of the MirrorManager...
[SECURITY] Fedora 42 Update: maturin-1.9.6-3.fc42
Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages...
CVE-2025-69872
DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...
DiskCache Security Vulnerability
DiskCache: Disk Backed Cache is a disk backup cache tool developed by Grant Jenks. Versions of DiskCache 5.6.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the default use of Python pickle for serialization, which could allow attackers to execute arbitrary co...
RockyLinux 10 : python-urllib3 (RLSA-2026:1086)
The remote RockyLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:1086 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...
RockyLinux 8 : brotli (RLSA-2026:2389)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2389 advisory. Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS CVE-2025-6176 Tenable has extracted the preceding description block directly from the RockyLin...
SUSE SLES12 Security Update : python-pip (SUSE-SU-2026:0420-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0420-1 advisory. - CVE-2026-1703: Fixed a potential path traversal in python-pip. bsc1257599 Tenable has extracted the preceding description block directly from the SUS...
RockyLinux 9 : python3.12-urllib3 (RLSA-2026:1088)
The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:1088 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...
RockyLinux 8 : python3.12-urllib3 (RLSA-2026:1226)
The remote RockyLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:1226 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...
RockyLinux 8 : python3.12 (RLSA-2026:2419)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2419 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 Tenable has extracted the preceding description block directly from the RockyLinux security...