python311-marshmallow-3.26.2-1.1 on GA media (moderate)

python311-marshmallow-3.26.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10003-1 Rating: moderate Cross-References: CVE-2025-68480 CVSS scores: CVE-2025-68480 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-68480 SUSE : 6.3...

EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2026-1001)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2...

OPENSUSE-SU-2026:10005-1 python312-Django6-6.0-1.1 on GA media

These are all security issues fixed in the python312-Django6-6.0-1.1 package on the GA media of openSUSE Tumbleweed...

Remote Code Execution (RCE)

n8n is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient isolation in the Pyodide-based Python Code Node, which allows an authenticated attacker with workflow modification privileges to escape the sandbox and execute arbitrary commands on the host system running n8...

webguard-scanner

webguard-scanner COMPANY: CODETECH IT SOLUTIONS NAME: KA...

Malicious code in gatr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5d3d1723e01bd7a4d33591053ec24cde4369a19677874b25a7d73dfa4dadf46e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EUVD-2026-0747

Malicious code in gatr PyPI...

MAL-2026-7 Malicious code in gatr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5d3d1723e01bd7a4d33591053ec24cde4369a19677874b25a7d73dfa4dadf46e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Scapy Packet Manipulation Tool 2.7.0

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answe...

MAL-2026-6 Malicious code in ziphash (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e9a36a54bad10e0f086740a84fd0a837dd4bf1cc9c3c0707648af4bb3855a03e During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

EUVD-2026-0019

Malicious code in queryservice-client PyPI...

Malicious code in queryservice-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92aafbccc7065760e0127931c5150c59561f3b753ab9fe79dbcbdafd1aef97dc Dependency confusion PoC that exfiltrates also potentially sensitive environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent,...

MAL-2026-5 Malicious code in queryservice-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92aafbccc7065760e0127931c5150c59561f3b753ab9fe79dbcbdafd1aef97dc Dependency confusion PoC that exfiltrates also potentially sensitive environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent,...

EUVD-2026-0023

Malicious code in sfnt2woff-zopfli PyPI...

MAL-2026-1 Malicious code in sfnt2woff-zopfli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f372716a5cf92b41a37e0d7a83e287a41fcaca77b3cf9a324554c20a86635d8a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Exploit for Cross-site Scripting in Warfareplugins Social_Warfare

CVE-2019-9978-RCE-PoC A custom Pytho...

cbtham-feast-az-provider (>=0.2.299b0 <=0.2.302), elemeno-ai-sdk (>=0.0.77 <=0.6.11) +23 more potentially affected by CVE-2025-11157 via feast (>=0.14.1 <=0.49.0)

feast PYPI version =0.14.1, =0.2.299b0, =0.0.77, =0.0.1, =0.2.2, =0.1.0, =0.3.0, =0.0.2, =1.0.0, =0.1.0, =0.1.33, =1.0.5 and more Source cves: CVE-2025-11157 Source advisory: SNYK:PYTHON-FEAST-14830622...

SQL Injection

Overview sqlo is an A modern, type-safe, and extensible SQL query builder for Python. Affected versions of this package are vulnerable to SQL Injection due to insufficient validation and enforcement in query builder logic. An attacker can exploit these weaknesses to inject arbitrary SQL statement...

abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +694 more potentially affected by unknown CVE via mlflow (>=3.0.0rc2 <=3.6.0rc0)

mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.10 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-MLFLOW-14829280...

abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +694 more potentially affected by unknown CVE via mlflow (>=3.0.0rc2 <=3.6.0rc0)

mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.10 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-MLFLOW-14806999...