python - Security News Tags

LOW

Vulnérabilité dans CPython (26 mai 2026)

CERT-FR (ANSSI) • May 26, 2026

INFO

RHSA-2026:20573: Moderate: python-tornado security update

Red Hat Errata • May 26, 2026

INFO

RHSA-2026:20577: Moderate: python-tornado security update

Red Hat Errata • May 26, 2026

INFO

RHSA-2026:19571: Important: python3.9 security update

Red Hat Errata • May 20, 2026

INFO

RHSA-2026:19576: Important: python3.9 security update

Red Hat Errata • May 20, 2026

MEDIUM

RHSA-2026:19590: Important: python3 security update

Red Hat Errata • May 20, 2026

MEDIUM

RHSA-2026:19589: Important: python security update

Red Hat Errata • May 20, 2026

INFO

RHSA-2026:19570: Important: python3.9 security update

Red Hat Errata • May 20, 2026

INFO

RHSA-2026:19176: Important: python3.14 security update

Red Hat Errata • May 19, 2026

LOW

RHSA-2026:19197: Low: python-jwcrypto security update

Red Hat Errata • May 19, 2026

HIGH

RHSA-2026:19175: Important: python3.11 security update

Red Hat Errata • May 19, 2026

MEDIUM

RHSA-2026:19189: Moderate: python-tornado security update

Red Hat Errata • May 19, 2026

HIGH

RHSA-2026:19177: Important: python3.12 security update

Red Hat Errata • May 19, 2026

HIGH

RHSA-2026:19155: Important: python-markdown security update

Red Hat Errata • May 19, 2026

MEDIUM

RHSA-2026:18958: Moderate: python3.12 security update

Red Hat Errata • May 19, 2026

MEDIUM

RHSA-2026:18957: Moderate: python3.11 security update

Red Hat Errata • May 19, 2026

LOW

RHSA-2026:19042: Low: python-jwcrypto security update

Red Hat Errata • May 19, 2026

INFO

RHSA-2026:19034: Moderate: python-tornado security update

Red Hat Errata • May 19, 2026

MEDIUM

[NEU] [mittel] CPython: Schwachstelle ermöglicht Manipulation von Daten

BSI Germany • May 15, 2026

HIGH

RHSA-2026:17619: Important: python3 security update

Red Hat Errata • May 14, 2026

MEDIUM

RHSA-2026:17525: Important: python3.12 security update

Red Hat Errata • May 14, 2026

LOW

[NEU] [niedrig] CPython: Schwachstelle ermöglicht Denial of Service

BSI Germany • May 12, 2026

HIGH

JDownloader site hacked to replace installers with Python RAT malware

BleepingComputer • May 09, 2026

MEDIUM

DSA-6259-1 pyjwt - security update

Debian Security • May 09, 2026

CRITICAL

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

The Hacker News • May 07, 2026

HIGH

Backdoored PyTorch Lightning package drops credential stealer

BleepingComputer • May 04, 2026

HIGH

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

SecurityWeek • May 01, 2026

CRITICAL

PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

The Hacker News • Apr 30, 2026

CRITICAL

lightning PyPI Compromise: A Bun-Based Credential Stealer in Python

Snyk • Apr 30, 2026

CRITICAL

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

The Hacker News • Apr 30, 2026

INFO

CVE-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

Microsoft Security Response Center • Apr 30, 2026

INFO

CVE-2026-6357 pip self-update functionality can import newly installed modules after wheel installation

Microsoft Security Response Center • Apr 30, 2026

MEDIUM

USN-8225-1: Python marshmallow vulnerabilities

Ubuntu Security • Apr 30, 2026

CRITICAL

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

SC Media • Apr 29, 2026

HIGH

RHSA-2026:11722: Important: python-urllib3 security update

Red Hat Errata • Apr 29, 2026

HIGH

USN-8221-1: wheel vulnerability

Ubuntu Security • Apr 29, 2026

CRITICAL

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

The Hacker News • Apr 29, 2026

HIGH

Vulnérabilité dans Python (28 avril 2026)

CERT-FR (ANSSI) • Apr 28, 2026

HIGH

RHSA-2026:11077: Important: python3 security update

Red Hat Errata • Apr 27, 2026

HIGH

RHSA-2026:11062: Important: python3.11 security update

Red Hat Errata • Apr 27, 2026

HIGH

PyPI package with 1.1M monthly downloads hacked to push infostealer

BleepingComputer • Apr 27, 2026

HIGH

RHSA-2026:10774: Important: python3.11 security update

Red Hat Errata • Apr 27, 2026

HIGH

RHSA-2026:10745: Important: python3.12 security update

Red Hat Errata • Apr 27, 2026

HIGH

RHSA-2026:10711: Important: python3.12 security update

Red Hat Errata • Apr 27, 2026

HIGH

CVE-2026-41140 Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4

Microsoft Security Response Center • Apr 26, 2026

HIGH

RHSA-2026:10102: Important: python security update

Red Hat Errata • Apr 23, 2026

HIGH

RHSA-2026:10101: Important: python3.9 security update

Red Hat Errata • Apr 23, 2026

HIGH

RHSA-2026:10111: Important: python3.12 security update

Red Hat Errata • Apr 23, 2026

MEDIUM

Vulnérabilité dans Python (22 avril 2026)

CERT-FR (ANSSI) • Apr 22, 2026

HIGH

[NEU] [mittel] lxml: Schwachstelle ermöglicht Offenlegung von Informationen

BSI Germany • Apr 22, 2026

HIGH

[NEU] [hoch] CPython: Schwachstelle ermöglicht nicht spezifizierten Angriff

BSI Germany • Apr 22, 2026

HIGH

RHSA-2026:9289: Important: python3 security update

Red Hat Errata • Apr 21, 2026

HIGH

RHSA-2026:9386: Important: python3 security update

Red Hat Errata • Apr 21, 2026

INFO

RHSA-2026:9261: Important: python3.9 security update

Red Hat Errata • Apr 21, 2026

INFO

RHSA-2026:9260: Important: python3.11 security update

Red Hat Errata • Apr 21, 2026

LOW

DSA-6220-1 simpleeval - security update

Debian Security • Apr 20, 2026

LOW

DSA-6219-1 pillow - security update

Debian Security • Apr 19, 2026

MEDIUM

[NEU] [mittel] CPython: Schwachstelle ermöglicht Manipulation von Daten

BSI Germany • Apr 15, 2026

CRITICAL

Multiples vulnérabilités dans Python (14 avril 2026)

CERT-FR (ANSSI) • Apr 14, 2026

HIGH

[NEU] [mittel] CPython: Mehrere Schwachstellen

BSI Germany • Apr 14, 2026

MEDIUM

Multiples vulnérabilités dans Python (13 avril 2026)

CERT-FR (ANSSI) • Apr 13, 2026

CRITICAL

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CSO Online • Apr 13, 2026

MEDIUM

[NEU] [mittel] CPython: Mehrere Schwachstellen

BSI Germany • Apr 13, 2026

CRITICAL

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

The Hacker News • Apr 10, 2026

CRITICAL

Critical Marimo Flaw Exploited Hours After Public Disclosure

SecurityWeek • Apr 10, 2026

HIGH

[NEU] [mittel] Django: Mehrere Schwachstellen

BSI Germany • Apr 08, 2026

HIGH

Python Supply-Chain Compromise

Schneier on Security • Apr 08, 2026

MEDIUM

DSA-6195-1 python-tornado - security update

Debian Security • Apr 03, 2026

HIGH

Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure

Unit 42 • Mar 31, 2026

MEDIUM

USN-8134-1: pyasn1 vulnerabilities

Ubuntu Security • Mar 30, 2026

INFO

Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages

Help Net Security • Mar 29, 2026

HIGH

New Infinity Stealer malware grabs macOS data via ClickFix lures

BleepingComputer • Mar 28, 2026

HIGH

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

The Hacker News • Mar 27, 2026

MEDIUM

NICKEL ALLEY strategy: Fake it ‘til you make it

Malpedia •

HIGH

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Infosecurity Magazine • Mar 27, 2026

HIGH

LiteLLM malware supply chain attack analysis (pt-BR only, sorry)

Reddit r/netsec • Mar 26, 2026

HIGH

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

Infosecurity Magazine • Mar 25, 2026

HIGH

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

Help Net Security • Mar 25, 2026

CRITICAL

How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM

Reddit r/netsec • Mar 24, 2026

CRITICAL

LiteLLM loses game of Trivy pursuit, gets compromised

The Register Security • Mar 24, 2026

CRITICAL

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise

The Hacker News • Mar 24, 2026

MEDIUM

[UPDATE] [niedrig] Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

BSI Germany • Mar 24, 2026

LOW

[UPDATE] [niedrig] CPython: Schwachstelle ermöglicht Denial of Service

BSI Germany • Mar 24, 2026

MEDIUM

First instance of PylangGhost RAT observed on npm

Malpedia •

MEDIUM

[NEU] [mittel] PyTorch: Schwachstelle ermöglicht Codeausführung

BSI Germany • Mar 23, 2026

MEDIUM

Vulnérabilité dans Python (19 mars 2026)

CERT-FR (ANSSI) • Mar 19, 2026

MEDIUM

[NEU] [niedrig] Python: Schwachstelle ermöglicht Path Traversal

BSI Germany • Mar 19, 2026

LOW

USN-8018-3: Python 2.7 vulnerabilities

Ubuntu Security • Mar 19, 2026

MEDIUM

[UPDATE] [mittel] Python: Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen

BSI Germany • Mar 18, 2026

MEDIUM

VU#624941: LibreChat RAG API contains a log-injection vulnerability

CERT/CC • Mar 16, 2026

MEDIUM

Vulnérabilité dans Python (13 mars 2026)

CERT-FR (ANSSI) • Mar 13, 2026

MEDIUM

USN-8018-2: Python regression

Ubuntu Security • Mar 09, 2026

INFO

The great license-washing has begun

OSnews • Mar 05, 2026

LOW

Vulnérabilité dans CPython (05 mars 2026)

CERT-FR (ANSSI) • Mar 05, 2026

MEDIUM

[NEU] [mittel] CPython: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

BSI Germany • Mar 05, 2026

HIGH

[NEU] [mittel] Django: Mehrere Schwachstellen

BSI Germany • Mar 04, 2026

MEDIUM

DSA-6150-1 python-django - security update

Debian Security • Feb 26, 2026

INFO

Snyk and uv, Better Together

Snyk • Feb 24, 2026

MEDIUM

[NEU] [mittel] Red Hat Enterprise Linux (Python Protobuf): Schwachstelle ermöglicht Denial of Service

BSI Germany • Feb 24, 2026

HIGH

Fraud Investigation Reveals Sophisticated Python Malware

Infosecurity Magazine • Feb 23, 2026