CVE-2026-1299 affecting package python3 for versions less than 3.9.19-18

CVE-2026-1299 affecting package python3 for versions less than 3.9.19-18. A patched version of the package is available...

K000159893: Python vulnerability CVE-2021-3737

Security Advisory Description A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerabili...

OPENSUSE-SU-2026:20180-1 Security update for python-maturin

This update for python-maturin fixes the following issues: - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...

SUSE-SU-2026:20235-1 Security update for python-maturin

This update for python-maturin fixes the following issues: - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...

SUSE-SU-2026:20335-1 Security update for python-maturin

This update for python-maturin fixes the following issues: - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249011...

Ethical-Hacking-Tools-Level2

🛡️ Cybersecurity & Python Portfolio - Level 2 Author: Pa...

CVE-2026-25115

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8...

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into executing malicious commands under the pretext of restoring normal functionality. This variant...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Denial of Service.

Summary IBM Virtualization Engine TS7700 is susceptible to denial-of-service condition due to the use of Python CVE-2025-6069. TS7700 uses Python to perform operations with the Cloud and internal system configuration tasks. Vulnerability Details CVEID:CVE-2025-6069 DESCRIPTION: The...

MAL-2026-766 Malicious code in greeter-pro-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14dfc4441f09da7c2365f0bda8f0406dfbba98c6c127d94689f8acbbb0dafbed Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

cpython: wsgiref.headers.Headers allows header newline injection in Python

Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers...

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Malicious code in metadata-checker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 222755e960642163a0918eeb42baef3dedec6676e084a02742210fb83b7d99e5 Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

MAL-2026-762 Malicious code in metadata-checker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 222755e960642163a0918eeb42baef3dedec6676e084a02742210fb83b7d99e5 Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

macOS Users Hit by Python Infostealers Posing as AI Installers

Microsoft details 3 Python Infostealers hitting macOS users via fake AI tools, Google ads, and Terminal tricks to steal passwords and crypto, then erase traces...

USN-8018-1 python3.14, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4 vulnerabilities

Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this issue to inject arbitrary headers into email messages. This issue only affected python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, and...

SSRF-to-RCE-Scanner

SSRF-to-RCE-Scanner IT is advanced Python-based security tool...