58378 matches found
Malicious code in telegrem (PyPI)
Source: kam193 (f2186dc29d07dc851d756bae0b5d080ebe5923efe6654fdb4aa9ec55bbba9b6a). The package, disguised as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer. Category:...
EUVD-2025-205454
n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node...
GHSA-62R4-HW23-CC8V n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node
Impact: A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process...
[SECURITY] [DLA 4421-1] python-urllib3 security update
Debian LTS Advisory DLA-4421-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 26, 2025 https://wiki.debian.org/LTS Package : python-urllib3 Version : 1.26.5-1exp1+deb11u2 CVE ID : CVE-2025-50181 CVE-2025-66418 Debian Bug : 1108076 1122030 Vulnerabilities...
Security update for python39
This update for python39 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on _clear_id_cache() can lead to availability issues when building excessively nested documents (bsc#1254997). CVE-2025-13836: use of...
EUVD-2025-205426
Malicious code in aiogram-3 (PyPI)...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992146)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992146 advisory. When using a TarFile.errorlevel = 0 and extracting with a filter, the documented behavior is that any filtered members would be skipped and not extracted. However the...
n8n Security Vulnerability
n8n is an open-source, scalable workflow automation tool. A security vulnerability exists in n8n versions 1.0.0 up to, but not including, 2.0.0. It stems from a sandbox bypass issue in the Python Code Node that could lead to the execution of arbitrary commands...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992143)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992143 advisory. If the value passed to os.path.expandvars() is user-controlled, a performance degradation is possible when expanding environment variables. Tenable has extracted the...
Debian dla-4421 : python3-urllib3 - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4421 advisory. Debian LTS Advisory DLA-4421-1 [email protected]...
DLA-4421-1 python-urllib3 - security update
Bulletin has no description...
Beyond Single Bugs: Benchmarking Large Language Models for Multi-Vulnerability Detection
Large Language Models (LLMs) have demonstrated significant potential in automated software security, particularly in vulnerability detection. However, existing benchmarks primarily focus on isolated, single-vulnerability samples or function-level classification, failing to reflect the complexity of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992148)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992148 advisory. Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You are affected by this vulnerability if using the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992147)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992147 advisory. Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992149)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992149 advisory. Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992150)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992150 advisory. Allows modifying some file metadata (e.g. last modified) with filter=data or file permissions (chmod) with filter=tar of files outside the extraction directory. You are...
Exploit for CVE-2025-68613
CVE-2025-68...
EUVD-2025-205375
Malicious code in pxdbench (PyPI)...
EUVD-2025-205360
Malicious code in envtoolsx (PyPI)...