Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Oracle Linux 9 : python3.9 (ELSA-2026-18693)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18693 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-167919, RHEL-168161 - Security fix for CVE-2026-4519 Resolves: RHEL-158117 Tenable has...

9.1CVSS7AI score0.00579EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 3:21 p.m.3 views

ROOT-OS-DEBIAN-12-CVE-2026-4519 CVE-2026-4519 in rootio-python3.11 - Patched by Root

Root has patched CVE-2026-4519 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...

3.3CVSS5.9AI score0.00308EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/20 10:23 a.m.12 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS7AI score0.00308EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/07 4:55 a.m.17 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS6AI score0.00308EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/07 4:51 a.m.18 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS6.7AI score0.00308EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2026/05/07 12:0 a.m.10 views

python security update

2.6.6-68.0.6 - Fix CVE-2026-4519 Orabug: 39253111...

5.9CVSS7.1AI score0.0036EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.9 views

TencentOS Server 2: python3 (TSSA-2026:0282)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0282 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

7.1CVSS5.9AI score0.00308EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 11:36 p.m.17 views

CLSA-2026-1778000974 python3: Fix of CVE-2026-4519

CVE-2026-4519: reject leading dashes in webbrowser URLs to prevent CLI option injection in pydoc/subprocess...

7.1CVSS7.1AI score0.00308EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.9 views

Oracle Linux 7 : python (ELSA-2026-9614)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9614 advisory. 2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

7.1CVSS5.8AI score0.00308EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/05/04 12:0 a.m.10 views

python security update

2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798...

7CVSS5.8AI score0.00308EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/05/04 12:0 a.m.9 views

python3 security update

3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828...

7CVSS5.8AI score0.00308EPSS
Exploits0
OSV
OSV
added 2026/04/29 9:47 a.m.11 views

CLSA-2026-1777456062 python3: Fix of CVE-2026-4519

CVE-2026-4519: reject leading dashes in webbrowser URLs...

7.1CVSS7.1AI score0.00308EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.7 views

Oracle Linux 9 : python3.12 (ELSA-2026-10745)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10745 advisory. - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168156, RHEL-167914 - Security fix for CVE-2026-4519 Resolves: RHEL-158051 Tenable ha...

9.1CVSS4.8AI score0.00579EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.5 views

Fedora 44 : mingw-python3 (2026-3d13d52f58)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3d13d52f58 advisory. Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 ---- Update to python-3.11.15. Tenable has...

7.5CVSS4.8AI score0.00621EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.8 views

Oracle Linux 9 : python3.9 (ELSA-2026-10949)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10949 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-168157, RHEL-167915 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 Tenable...

9.1CVSS4.8AI score0.00579EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/22 7:12 a.m.6 views

Important: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

7.1CVSS5.8AI score0.00308EPSS
Exploits0References2
OSV
OSV
added 2026/04/13 9:52 p.m.9 views

PSF-2026-17

Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

CPython 安全漏洞

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from incomplete mitigation measures for CVE-2026-4519, potentially leading to command injection attacks...

7CVSS6.7AI score0.00308EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.7 views

PT-2026-32545

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incomplete mitigation allows for a bypass when a URL contains the string "%action". For certain browser types, this can lead to command injection into the...

7.1CVSS5.8AI score0.0029EPSS
Exploits0References216
Oracle linux
Oracle linux
added 2026/04/07 12:0 a.m.6 views

python3.9 security update

3.9.25-3.0.1.el97.2 - Remove upstream URL reference 3.9.25-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 3.9.25-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143108 RHEL-143169 RHEL-144893...

7CVSS6.1AI score0.0056EPSS
Exploits0
Rows per page
Query Builder