MiracleLinux 8 : python3.11-3.11.10-1.el8_10 (AXSA:2024-8969:25)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8969:25 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : python27:2.7 (AXSA:2021-1555:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1555:01 advisory. python: infinite loop in the tarfile module via crafted TAR archive CVE-2019-20907 python-pip: directory traversal in downloadhttpurl function in...

MiracleLinux 9 : python3.9-3.9.21-1.el9_5 (AXSA:2024-9439:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9439:09 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...

MiracleLinux 9 : python3.9-3.9.18-1.el9 (AXSA:2023-6804:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6804:05 advisory. python: tarfile module directory traversal CVE-2007-4559 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python-dns-1.15.0-12.el8 (AXSA:2024-8211:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8211:01 advisory. dnspython: denial of service in stub resolver CVE-2023-29483 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.6 (AXSA:2024-8944:24)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8944:24 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : python-lxml-4.2.3-2.el8 (AXSA:2021-1839:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1839:01 advisory. python-lxml: mXSS due to the use of improper parser CVE-2020-27783 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python3.11-3.11.2-2.el8.2 (AXSA:2023-6479:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6479:04 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-6552:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6552:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

CVE-2025-56005

An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...

agentengine-sdk-python (>=0.2.0 <=0.4.0), agentic-chat-ui (>=0.1.0 <=0.2.4) +42 more potentially affected by CVE-2026-22219 via chainlit (>=2.0.0 <=2.6.3)

chainlit PYPI version =2.0.0, =0.2.0, =0.1.0, =0.3.0, =0.0.3, =0.14.0, =0.0.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =1.0.0, =0.1.1, =0.1.0, =1.3.0 and more Source cves: CVE-2026-22219 Source advisory: SNYK:PYTHON-CHAINLIT-15037182...

MAL-2026-352 Malicious code in medifile (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c005d95a9b1b91118e9306168ce69163190184714fe53c65b7ba716e867c8da Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EUVD-2026-3254

Malicious code in nanoinstaller PyPI...

Malicious code in nanoinstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f6ea4dd9867e528445ba01d2ceed3638e6178b2a940a2598c0f89eca5795802 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

MAL-2026-351 Malicious code in nanoinstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f6ea4dd9867e528445ba01d2ceed3638e6178b2a940a2598c0f89eca5795802 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

EUVD-2026-3255

Malicious code in bnanainstaller PyPI...

Malicious code in bnanainstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa730f845044e96bb14f1b7245d35b819dc8a9ddeef07c952c22e65f85c0a459 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

MAL-2026-350 Malicious code in bnanainstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa730f845044e96bb14f1b7245d35b819dc8a9ddeef07c952c22e65f85c0a459 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

[SECURITY] Fedora 43 Update: python-biopython-1.86-2.fc43

A set of freely available Python tools for computational molecular biology...

Debian: Security Advisory (DSA-6102-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...