OPENSUSE-SU-2026:10160-1 python311-Django-5.2.11-1.1 on GA media

These are all security issues fixed in the python311-Django-5.2.11-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-6792

Name of the Vulnerable Software and Affected Versions Microsoft Semantic Kernel .NET SDK versions prior to 1.71.0 Agent Framework 1.0 Description An arbitrary file write issue exists in the .NET SDK, specifically within the SessionsPythonPlugin. This flaw can be leveraged to achieve remote code...

Microsoft Semantic Kernel 路径遍历漏洞

Microsoft Semantic Kernel is a large-scale model orchestration framework developed by Microsoft Corporation. Versions of Microsoft Semantic Kernel prior to 1.70.0 contained a path traversal vulnerability, which was caused by an arbitrary file writing vulnerability in the SessionsPythonPlugin...

PT-2026-6847

Impact What kind of vulnerability is it? Who is impacted? An Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. Developers who have built applications which include Microsoft's Semantic Kernel .NET SDK and...

RockyLinux 8 : python3.12-wheel (RLSA-2026:2090)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2090 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

Security update for python-djangorestframework (moderate)

openSUSE Security Update: Security update for python-djangorestframework Announcement ID: openSUSE-SU-2026:0038-1 Rating: moderate References: 1227077 PED-8919 Cross-References: CVE-2024-21520 CVSS scores: CVE-2024-21520 SUSE: 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products:...

Security update for python-maturin (moderate)

openSUSE security update: security update for python-maturin ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20180-1 Rating: moderate References: bsc1249011 Cross-References: CVE-2025-58160 CVSS scores: CVE-2025-58160 SUSE : 3.1...

python311-wheel-0.46.3-1.1 on GA media (moderate)

python311-wheel-0.46.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10151-1 Rating: moderate Cross-References: CVE-2026-24049 CVSS scores: CVE-2026-24049 SUSE : 7.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H CVE-2026-24049 SUSE : 7.2...

SUSE SLES16 Security Update : python-wheel (SUSE-SU-2026:20217-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:20217-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Tenable has extracted the...

Oracle Linux 8 : python3 (ELSA-2026-2128)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2128 advisory. 3.6.8-73.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-73 - Security fixes...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : Python vulnerabilities (USN-8018-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8018-1 advisory. Denis Ledoux discovered that Python incorrectly parsed email message headers. An...

Ubuntu: Security Advisory (USN-8010-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 10 : python-wheel (RLSA-2026:1902)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1902 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

AlmaLinux 8 : python3 (ALSA-2026:2128)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2128 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...

Debian dla-4471 : debian-security-support - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4471 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4471-1 [email protected] https://www.debian.org/lts/security/...

Oracle Linux 7 : python (ELSA-2026-1537)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1537 advisory. 2.7.5-94.0.3 - Fix for CVE-2025-12084 Orabug: 38902314 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

RHEL 7 : python-s3transfer (RHSA-2026:2060)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:2060 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

AlmaLinux 8 : python3.12-wheel (ALSA-2026:2090)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2090 advisory. wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking CVE-2026-24049 Tenable has extracted the preceding description...

CVE-2026-0672 affecting package python3 for versions less than 3.9.19-18

CVE-2026-0672 affecting package python3 for versions less than 3.9.19-18. A patched version of the package is available...

CVE-2026-1299 affecting package python3 for versions less than 3.9.19-18

CVE-2026-1299 affecting package python3 for versions less than 3.9.19-18. A patched version of the package is available...