Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Amazon
Amazonadded 2026/06/08 12:0 a.m.11 views

Medium: python3.14

Issue Overview: The "tarfile" module would still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other...

9.8CVSS5.4AI score0.0079EPSS
Exploits1
CVE
CVEadded 2026/05/11 5:19 p.m.107 views

CVE-2026-7210

CVE-2026-7210 affects Python XML parsers: xml.parsers.expat and xml.etree.ElementTree suffer from insufficient entropy in Expat hash-flooding protection, allowing a crafted XML to trigger flooding. Mitigation requires updating libexpat to 2.8.0+ and applying the accompanying patch. Connected note...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/11 5:19 p.m.6 views

CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

6.3CVSS5.2AI score0.0079EPSS
Exploits0References7
Rows per page
Query Builder