PT-2026-5985
Name of the Vulnerable Software and Affected Versions: Boltz version 2.0.0. Description: The software contains an insecure deserialization issue in its molecule loading functionality. It utilizes Python pickle to deserialize molecule data files without proper validation. An attacker capable of placi...
Boltz security vulnerability
Boltz is an official repository for a biological model developed by Jeremy Wohlwend as a personal project. Version 2.0.0 of Boltz contains a security vulnerability; this vulnerability stems from the use of Python pickle to deserialize molecular data files without proper verification, which could...
PT-2026-6414
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
CVE-2025-70560
Boltz 2.0.0 is affected by an insecure deserialization vulnerability in the molecule loading code path. The software uses Python pickle to deserialize molecule data files without validation, allowing an attacker who can place a crafted pickle in a directory processed by Boltz to achieve arbitrary...
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
python3.12 security update
3.12.12-3.0.1 - Remove upstream URL reference; 3.12.12-3 - Security fix for CVE-2025-13836, Resolves: RHEL-140978; 3.12.12-2 - Security fix for CVE-2025-12084, Resolves: RHEL-135387...
Oracle Linux 8 : python3 (ELSA-2026-1631)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1631 advisory. 3.6.8-72.0.1 - Add Oracle Linux distribution in platform.py [Orabug: 20812544]; 3.6.8.openela.0 - Add openela to supported dists; 3.6.8-72 - Security fix for...
Oracle Linux 10 : python3.12 (ELSA-2026-1828)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1828 advisory. Security fix for CVE-2025-13836 (Resolves: RHEL-140978). Tenable has extracted the preceding description block directly from the Oracle Linux security...
ALSA-2026:1828 Moderate: python3.12 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1226)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1214)
The remote host is missing an update for the Huawei EulerOS...
Security update for python-python-multipart (important)
openSUSE security update: security update for python-python-multipart. Announcement ID: openSUSE-SU-2026:20125-1; Rating: important; References: bsc1257301; Cross-References: CVE-2026-24486; CVSS scores: CVE-2026-24486 SUSE: 8.2...
Security update for python-h2 (moderate)
openSUSE security update: security update for python-h2. Announcement ID: openSUSE-SU-2026:20122-1; Rating: moderate; References: bsc1248737; Cross-References: CVE-2025-57804; CVSS scores: CVE-2025-57804 SUSE: 5.3...
python311-PyNaCl-1.6.2-1.1 on GA media (moderate)
python311-PyNaCl-1.6.2-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10130-1; Rating: moderate; Cross-References: CVE-2025-69277; CVSS scores: CVE-2025-69277 SUSE: 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N, CVE-2025-69277 SUSE: 4.8...
Security update for python-wheel (important)
openSUSE security update: security update for python-wheel. Announcement ID: openSUSE-SU-2026:20147-1; Rating: important; References: bsc1257100; Cross-References: CVE-2026-24049; CVSS scores: CVE-2026-24049 SUSE: 7.7...
Security update for python-urllib3 (important)
openSUSE security update: security update for python-urllib3. Announcement ID: openSUSE-SU-2026:20127-1; Rating: important; References: bsc1254866 bsc1254867; Cross-References: CVE-2025-66418 CVE-2025-66471; CVSS scores: CVE-2025-66418 SUSE...
Security update for python-FontTools (moderate)
openSUSE security update: security update for python-fonttools. Announcement ID: openSUSE-SU-2026:20119-1; Rating: moderate; References: bsc1254366; Cross-References: CVE-2025-66034; CVSS scores: CVE-2025-66034 SUSE: 6.3...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +49 more potentially affected by CVE-2026-1777 via sagemaker (=3.12.0)
sagemaker PYPI version =3.12.0 is affected by a known vulnerability. The following packages have a transitive dependency on sagemaker and may be impacted: - admet-workbench =0.1.0, =0.4.4, =1.3.24, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source cves:...
GHSA-RJRP-M2JW-PV9C SageMaker Python SDK has Exposed HMAC
Summary: SageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where the HMAC secret key is stored in environment variables and disclosed via the DescribeTrainingJob API has been identified. Impact: Function and Payload...