CVE-2025-13836 affecting package python3 for versions less than 3.12.9-7
CVE-2025-13836 affecting package python3 for versions less than 3.12.9-7. A patched version of the package is available...
CVE-2025-68146 affecting package python-filelock for versions less than 3.20.1-1
CVE-2025-68146 affecting package python-filelock for versions less than 3.20.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7
CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7. A patched version of the package is available...
EUVD-2026-1961
Malicious code in graponater PyPI...
USN-7955-1 python-urllib3 vulnerability
It was discovered that urllib3 incorrectly handled decompression during HTTP redirects. An attacker could possibly use this issue to cause urllib3 to use excessive resources, causing a denial of service...
SUSE-SU-2026:20028-1 Security update for python-tornado6
This update for python-tornado6 fixes the following issues: - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header injection or XSS attacks (bsc#1254903). - CVE-2025-67725: quadratic complexity of string concatenatio...
OPENSUSE-SU-2026:20015-1 Security update for python-tornado6
This update for python-tornado6 fixes the following issues: - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header injection or XSS attacks (bsc#1254903). - CVE-2025-67725: quadratic complexity of string concatenatio...
abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +686 more potentially affected by CVE-2025-14279 via mlflow (>=3.0.0rc2 <=3.5.0)
mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.10 and more Source cves: CVE-2025-14279 Source advisory: SNYK:PYTHON-MLFLOW-14913775...
ROOT-OS-DEBIAN-12-CVE-2026-21441 CVE-2026-21441 in rootio-python-urllib3 - Patched by Root
Root has patched CVE-2026-21441 in the rootio-python-urllib3 package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-66418 CVE-2025-66418 in rootio-python-urllib3 - Patched by Root
Root has patched CVE-2025-66418 in the rootio-python-urllib3 package for Root:Debian:12. Multiple fixed versions available...
USN-7951-1: Python vulnerability
It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP responses. A malicious server could exploit this to cause Python to allocate excessive memory, leading to a denial of service...
USN-7951-1 python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, python3.14 vulnerability
It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP responses. A malicious server could exploit this to cause Python to allocate excessive memory, leading to a denial of service...
Analyzing a Multi-Stage AsyncRAT Campaign via Managed Detection and Response
Threat actors exploited Cloudflare's free-tier infrastructure and legitimate Python environments to deploy the AsyncRAT remote access trojan, demonstrating advanced evasion techniques that abuse trusted cloud services for malicious operations...
PT-2026-2977
It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP responses. A malicious server could exploit this to cause Python to allocate excessive memory, leading to a denial of service...
Critical Photon OS Security Update - PHSA-2026-5.0-0736
Updates of 'python3-pg8000' packages of Photon OS have been released...
Fedora: Security Advisory (FEDORA-2026-4686d11563)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2026-2c35952b90)
The remote host is missing an update for the...
n8n Node.js Package 1.x < 2.0.0 Arbitrary Command Execution (N8scape)
The version of the n8n Node.js Package installed on the remote host is 1.x prior to 2.0.0. It is, therefore, affected by an arbitrary command execution vulnerability: - n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in...
Security update for python-cbor2 (moderate)
openSUSE Security Update: Security update for python-cbor2 Announcement ID: openSUSE-SU-2026:0009-1 Rating: moderate References: 1255783 Cross-References: CVE-2025-68131 CVSS scores: CVE-2025-68131 SUSE: 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: openSU...
Fedora: Security Advisory (FEDORA-2026-724d1b1044)
The remote host is missing an update for the...