CVE-2026-40611

A flaw was found in lego, the Let's Encrypt client and ACME library written in Go. A malicious ACME Automated Certificate Management Environment server can exploit a path traversal vulnerability in the webroot HTTP-01 challenge provider. By supplying a specially crafted challenge token containing...

EUVD-2024-0156

Malicious code in bioql PyPI...

PYSEC-2024-186

RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected and potentially sensible information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application...

CVE-2024-47532

RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected and potentially sensible information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application...

Cisco IOS XR Information Disclosure Vulnerability

Cisco IOS XR software is a modular and fully distributed network operating system for service provider networks. An information disclosure vulnerability exists in the CLI parser in Cisco IOS XR versions prior to 7.1.2, 7.2.1, and 7.3.1. The vulnerability stems from insufficient application of...