https://appsec.fyi/python.html Curated Python resources from appsec.fyi en-us Sat, 11 Apr 2026 04:02:11 +0000 carl@chs.us (Carl Sampson) https://www.cvedetails.com/vulnerability-list/vendor_id-10210/product_id-18230/Python-Python.html https://www.cvedetails.com/vulnerability-list/vendor_id-10210/product_id-18230/Python-Python.html Python CVE Details Python Fri, 10 Apr 2026 01:56:14 +0000 https://cvedatabase.com/vendor/python https://cvedatabase.com/vendor/python Python Security Vulnerabilities CVE Database Python Fri, 10 Apr 2026 01:56:13 +0000 https://github.com/advisories/GHSA-655q-fx9r-782v https://github.com/advisories/GHSA-655q-fx9r-782v Picklescan Allows RCE via Malicious Pickle File Python Fri, 10 Apr 2026 01:56:12 +0000 https://www.sentinelone.com/vulnerability-database/cve-2025-56005/ https://www.sentinelone.com/vulnerability-database/cve-2025-56005/ CVE-2025-56005: PLY RCE Vulnerability Python Fri, 10 Apr 2026 01:56:12 +0000 https://www.securitymagazine.com/articles/101700-new-research-multi-stage-malware-attack-on-python-package-index-discovered https://www.securitymagazine.com/articles/101700-new-research-multi-stage-malware-attack-on-python-package-index-discovered Multi-Stage Malware Attack on Python Package Index Python Fri, 10 Apr 2026 01:56:11 +0000 https://www.sonatype.com/security-advisories/cve-2025-1716 https://www.sonatype.com/security-advisories/cve-2025-1716 CVE-2025-1716 Sonatype Security Advisory Python Fri, 10 Apr 2026 01:56:10 +0000 https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v Picklescan Fails to Detect Unsafe Globals Advisory Python Fri, 10 Apr 2026 01:56:09 +0000 https://www.miggo.io/vulnerability-database/cve/CVE-2025-1716 https://www.miggo.io/vulnerability-database/cve/CVE-2025-1716 CVE-2025-1716: Picklescan Analysis Bypass RCE Python Fri, 10 Apr 2026 01:56:08 +0000 https://cyberpress.org/vulnerability-in-python-ply/ https://cyberpress.org/vulnerability-in-python-ply/ Critical Python PLY Library Vulnerability Enables RCE Python Fri, 10 Apr 2026 01:56:08 +0000 https://www.esecurityplanet.com/threats/cve-2025-56005-python-ply-flaw-enables-remote-code-execution/ https://www.esecurityplanet.com/threats/cve-2025-56005-python-ply-flaw-enables-remote-code-execution/ CVE-2025-56005: Python PLY Flaw Enables Remote Code Execution Python Fri, 10 Apr 2026 01:56:07 +0000 https://www.cve.org/CVERecord/SearchResults?query=python https://www.cve.org/CVERecord/SearchResults?query=python CVE Search: Python Python Fri, 10 Apr 2026 01:43:44 +0000 https://www.cvedetails.com/product/18230/Python-Python.html?vendor_id=10210 https://www.cvedetails.com/product/18230/Python-Python.html?vendor_id=10210 Python CVE Details Python Fri, 10 Apr 2026 01:43:43 +0000 https://secalerts.co/vendor/python https://secalerts.co/vendor/python Python Security Vulnerabilities & Risk Score Python Fri, 10 Apr 2026 01:43:42 +0000 https://cybersecuritynews.com/10-high-risk-vulnerabilities-of-2025/ https://cybersecuritynews.com/10-high-risk-vulnerabilities-of-2025/ Top 10 High-Risk Vulnerabilities Of 2025 Exploited in the Wild Python Fri, 10 Apr 2026 01:43:40 +0000 https://stack.watch/product/python/python/ https://stack.watch/product/python/python/ Python Security Vulnerabilities in 2026 Python Fri, 10 Apr 2026 01:43:40 +0000 https://unit42.paloaltonetworks.com/rce-vulnerabilities-in-ai-python-libraries/ https://unit42.paloaltonetworks.com/rce-vulnerabilities-in-ai-python-libraries/ RCE With Modern AI/ML Formats and Python Libraries Python Fri, 10 Apr 2026 01:43:39 +0000 https://www.infosecurity-magazine.com/news/picklescan-flaws-expose-ai-supply/ https://www.infosecurity-magazine.com/news/picklescan-flaws-expose-ai-supply/ Critical PickleScan Vulnerabilities Expose AI Model Supply Chains Python Fri, 10 Apr 2026 01:43:38 +0000 https://snyk.io/blog/poisoned-security-scanner-backdooring-litellm/ https://snyk.io/blog/poisoned-security-scanner-backdooring-litellm/ How a Poisoned Security Scanner Backdoored LiteLLM Python Fri, 10 Apr 2026 01:43:37 +0000 https://thehackernews.com/2026/04/the-state-of-trusted-open-source-report.html https://thehackernews.com/2026/04/the-state-of-trusted-open-source-report.html The State of Trusted Open Source Report Python Mon, 06 Apr 2026 02:02:28 +0000 https://checkmarx.com/zero-post/rapid-exploitation-and-clever-malware-in-the-supply-chain-last-week-in-appsec-2026-04-02/ https://checkmarx.com/zero-post/rapid-exploitation-and-clever-malware-in-the-supply-chain-last-week-in-appsec-2026-04-02/ Rapid Exploitation and Clever Malware in the Supply Chain — Last Week in AppSec Python Mon, 06 Apr 2026 02:02:27 +0000 https://kb.cert.org/vuls/id/221883 https://kb.cert.org/vuls/id/221883 CrewAI contains multiple vulnerabilities including SSRF, RCE Python Mon, 06 Apr 2026 02:02:26 +0000 https://www.sentinelone.com/vulnerability-database/cve-2026-33873/ https://www.sentinelone.com/vulnerability-database/cve-2026-33873/ CVE-2026-33873: Langflow Agentic Assistant RCE Vulnerability Python Mon, 06 Apr 2026 02:02:24 +0000 https://www.sentinelone.com/vulnerability-database/cve-2026-34519/ https://www.sentinelone.com/vulnerability-database/cve-2026-34519/ CVE-2026-34519: AIOHTTP XSS Vulnerability Python Mon, 06 Apr 2026 02:02:23 +0000 https://arxiv.org/pdf/2107.12699 https://arxiv.org/pdf/2107.12699 A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI Python Fri, 03 Apr 2026 15:56:39 +0000 https://www.sonatype.com/blog/bypassing-picklescan-sonatype-discovers-four-vulnerabilities https://www.sonatype.com/blog/bypassing-picklescan-sonatype-discovers-four-vulnerabilities Exposing 4 Critical Vulnerabilities in Python PickleScan | Sonatype Python Fri, 03 Apr 2026 15:56:38 +0000 https://bito.ai/blog/python-sast-tools/ https://bito.ai/blog/python-sast-tools/ Python SAST Tools: Free & Paid Solutions for Secure Code Analysis Python Fri, 03 Apr 2026 15:56:36 +0000 https://medium.com/hackernoon/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03 https://medium.com/hackernoon/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03 10 Common Security Gotchas in Python and How to Avoid Them Python Fri, 03 Apr 2026 15:56:35 +0000 https://semgrep.dev/docs/learn/vulnerabilities/insecure-deserialization/python https://semgrep.dev/docs/learn/vulnerabilities/insecure-deserialization/python Insecure Deserialization in Python | Semgrep Python Fri, 03 Apr 2026 15:56:33 +0000 https://jfrog.com/blog/unveiling-3-zero-day-vulnerabilities-in-picklescan/ https://jfrog.com/blog/unveiling-3-zero-day-vulnerabilities-in-picklescan/ PyTorch Users at Risk: 3 Zero-Day PickleScan Vulnerabilities | JFrog Python Fri, 03 Apr 2026 15:56:32 +0000 https://github.com/mmaitre314/picklescan https://github.com/mmaitre314/picklescan PickleScan - Security Scanner Detecting Suspicious Python Pickle Files Python Fri, 03 Apr 2026 15:56:30 +0000 https://medium.com/@maikelmardjan/python-secure-coding-guidelines-fac884d961c1 https://medium.com/@maikelmardjan/python-secure-coding-guidelines-fac884d961c1 Python Secure Coding Guidelines Python Fri, 03 Apr 2026 15:56:29 +0000 https://dev.to/angelvargasgutierrez/bandit-python-static-application-security-testing-guide-47l0 https://dev.to/angelvargasgutierrez/bandit-python-static-application-security-testing-guide-47l0 Bandit: Python Static Application Security Testing Guide Python Fri, 03 Apr 2026 15:56:27 +0000 https://www.aikido.dev/blog/python-security-vulnerabilities https://www.aikido.dev/blog/python-security-vulnerabilities Python Security Vulnerabilities | Top Issues | Aikido Python Fri, 03 Apr 2026 15:56:26 +0000 https://www.pythonsnacks.com/p/python-function-vs-method-difference https://www.pythonsnacks.com/p/python-function-vs-method-difference The content titled "Functions vs Methods in Python - What's the Difference?" likely explores the distinction between functions and methods in Python programming. Functions are standalone blocks of code that can be called independently, while methods are functions that are associated with objects and are called using dot notation. Functions are more general and can be used across different objects, while methods are specific to the object they belong to. Understanding this difference is crucial in Python programming to effectively utilize both functions and methods in your code. Python Thu, 14 Aug 2025 04:23:05 +0000 https://jacobpadilla.com/articles/recreating-asyncio https://jacobpadilla.com/articles/recreating-asyncio The content discusses the process of recreating Python's asyncio module from scratch. It likely delves into the inner workings and mechanisms of asyncio, which is Python's built-in library for asynchronous programming. The article may provide insights into the design and implementation of asyncio, offering a deeper understanding of how asynchronous operations are managed in Python. Python Thu, 14 Aug 2025 04:23:03 +0000 https://superfastpython.com/asyncio-multiple-event-loops/ https://superfastpython.com/asyncio-multiple-event-loops/ The content discusses how to run multiple concurrent event loops using asyncio in Python, which can lead to faster execution of code. Asyncio allows for asynchronous programming in Python, enabling the execution of multiple tasks concurrently. By running multiple event loops simultaneously, developers can improve the performance of their Python applications. Python Thu, 14 Aug 2025 04:23:01 +0000 https://realpython.com/python-sequences/ https://realpython.com/python-sequences/ The content titled "Python Sequences: A Comprehensive Guide" on Real Python likely provides an in-depth exploration of Python sequences. It may cover various types of sequences in Python, such as lists, tuples, and strings, explaining their properties and how to work with them effectively. The guide may offer detailed explanations, examples, and best practices for utilizing sequences in Python programming. Overall, it seems to be a valuable resource for individuals looking to enhance their understanding and proficiency in working with sequences in Python. Python Thu, 14 Aug 2025 04:22:59 +0000 https://levelup.gitconnected.com/asyncio-patterns-in-python-4d6760c6f145 https://levelup.gitconnected.com/asyncio-patterns-in-python-4d6760c6f145 The content discusses asyncio patterns in Python, focusing on asynchronous programming techniques. The author has written a part 2 of the topic, expanding on the concepts and strategies related to asyncio in Python. The content likely delves into advanced asynchronous programming patterns and practices using Python's asyncio module. Python Thu, 14 Aug 2025 04:22:57 +0000 https://danaepp.com/writing-api-exploits-in-python?utm_source=convertkit&utm_medium=email&utm_campaign=%F0%9F%A4%94+HOWTO%3A+Writing+API+exploits+in+Python+%F0%9F%90%8D%20-%2013134840 https://danaepp.com/writing-api-exploits-in-python?utm_source=convertkit&utm_medium=email&utm_campaign=%F0%9F%A4%94+HOWTO%3A+Writing+API+exploits+in+Python+%F0%9F%90%8D%20-%2013134840 The content is about utilizing Python to create exploits for APIs. It suggests using Python programming language to develop exploits for APIs. Python Thu, 14 Aug 2025 04:22:56 +0000 https://prog.world/creating-dsl-in-python-with-textx-library/ https://prog.world/creating-dsl-in-python-with-textx-library/ The content is about using the textx library in Python to create Domain Specific Languages (DSL). DSLs are specialized languages tailored to specific domains or tasks. The textx library in Python allows developers to define and parse DSLs easily. By leveraging this library, programmers can design custom languages that suit their project requirements efficiently. Python Thu, 14 Aug 2025 04:22:51 +0000 https://proxiesapi.com/articles/python-requests-cheatsheet https://proxiesapi.com/articles/python-requests-cheatsheet The content is a Python Requests Cheatsheet provided by ProxiesAPI. It likely contains useful information, tips, and examples related to making HTTP requests using the Python Requests library in conjunction with ProxiesAPI services. The cheatsheet may cover topics such as how to use proxies, handle headers, cookies, authentication, and other advanced features within the Python Requests library. It serves as a quick reference guide for developers looking to efficiently utilize the Requests library for web scraping, automation, or other HTTP-related tasks. Python Thu, 14 Aug 2025 04:22:49 +0000 https://tonybaloney.github.io/posts/python-gets-a-jit.html https://tonybaloney.github.io/posts/python-gets-a-jit.html Python 3.13 introduces a Just-In-Time (JIT) compiler. This feature aims to improve the performance of Python code by compiling it into machine code at runtime for faster execution. The addition of a JIT compiler in Python 3.13 is a significant development that can potentially enhance the speed and efficiency of Python programs. Python Thu, 14 Aug 2025 04:22:47 +0000 https://realpython.com/python-magic-methods/ https://realpython.com/python-magic-methods/ The content discusses the importance of Python's magic methods in classes and how they can be leveraged to enhance functionality. Magic methods in Python are special methods with double underscores that allow customization of class behavior. By utilizing these magic methods effectively, developers can improve the functionality and flexibility of their classes. The article emphasizes the power and versatility of Python's magic methods in creating more robust and efficient code. Python Thu, 14 Aug 2025 04:22:45 +0000 https://realpython.com/python-serialize-data/ https://realpython.com/python-serialize-data/ The content is about serializing data using Python. Serialization is the process of converting complex data structures into a format that can be easily stored or transmitted. In Python, serialization is commonly done using libraries like Pickle, JSON, or YAML. Serialization is useful for saving data to files, sending data over networks, or storing data in databases. By serializing data, it can be easily reconstructed or shared across different platforms or systems. Python Thu, 14 Aug 2025 04:22:43 +0000 https://realpython.com/python-double-underscore/ https://realpython.com/python-double-underscore/ The article discusses the use of single and double underscores in Python names. Single underscores are used to indicate a variable or method that is intended for internal use, while double underscores are used for name mangling to avoid naming conflicts in subclasses. The article likely delves into the conventions and best practices surrounding the use of underscores in Python variable and method names. Python Thu, 14 Aug 2025 04:22:42 +0000 https://supabase.com/blog/oauth2-login-python-flask-apps https://supabase.com/blog/oauth2-login-python-flask-apps The content briefly mentions integrating GitHub OAuth into a Python Flask app. This likely involves using GitHub's authentication system to allow users to log in to the Flask application using their GitHub credentials. The process may include setting up OAuth authentication, handling user authorization, and accessing GitHub resources securely within the Flask app. The integration of GitHub OAuth can enhance user experience by providing a secure and convenient login method. Python Thu, 14 Aug 2025 04:22:35 +0000 https://github.com/paulpierre/markdown-crawler https://github.com/paulpierre/markdown-crawler The content refers to a GitHub repository named "markdown-crawler" created by a user named paulpierre. It is described as a multithreaded web crawler. The repository likely contains code or a project related to web crawling functionality. Python Thu, 14 Aug 2025 04:22:33 +0000 https://pythonspeed.com/articles/two-thread-pools/ https://pythonspeed.com/articles/two-thread-pools/ The content discusses the importance of having two types of thread pools. It emphasizes the necessity of both types for efficient task management and resource allocation. By utilizing different thread pools, tasks can be appropriately assigned and processed based on their characteristics and requirements. This approach ensures optimal performance and scalability in handling various types of tasks within a system. Python Thu, 14 Aug 2025 04:22:31 +0000 https://medium.com/@ayush-thakur02/python-decorators-that-can-reduce-your-code-by-half-b19f673bc7d8 https://medium.com/@ayush-thakur02/python-decorators-that-can-reduce-your-code-by-half-b19f673bc7d8 The content discusses Python decorators that have the potential to significantly reduce the amount of code you need to write by half. Decorators in Python are functions that modify the behavior of other functions. By using decorators effectively, you can enhance code reusability, readability, and maintainability. This technique allows you to add functionality to existing functions without modifying their code directly. By leveraging decorators, you can streamline your codebase and make it more efficient. Python Thu, 14 Aug 2025 04:22:29 +0000 https://mathspp.com/blog/building-a-python-compiler-and-interpreter https://mathspp.com/blog/building-a-python-compiler-and-interpreter The content seems to be about building a Python compiler and interpreter. It likely discusses the process of creating these tools for the Python programming language. The article may cover topics such as the importance of compilers and interpreters, the technical aspects of building them, and their role in executing Python code efficiently. It could provide insights into the inner workings of Python and how these tools contribute to its functionality. Python Thu, 14 Aug 2025 04:22:27 +0000