NetBSD 9.4

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2025-68146 CVE-2026-22701 Upstream summary: pkgsrc audit-packages flagged py{27,39,310,311,312,313,314}-filelock<3.20.1 for vulnerability class 'symlink-attack'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-68146 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2025-47278 CVE-2018-1000656 CVE-2019-1010083 CVE-2026-27205 Upstream summary: pkgsrc audit-packages flagged py{39,310,311,312,313}-flask>=3.1.0<3.1.1 for vulnerability class 'improper-access-control'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-47278 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2018-16516 Upstream summary: pkgsrc audit-packages flagged py{27,34,35,36,37,38}-flask-admin-[0-9]* for vulnerability class 'cross-site-scripting'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-16516 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2020-25032 Upstream summary: pkgsrc audit-packages flagged py{27,34,35,36,37,38}-flask-cors<3.0.9 for vulnerability class 'directory-traversal'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-25032 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2019-16925 CVE-2019-16926 CVE-2022-30034 Upstream summary: pkgsrc audit-packages flagged py{27,34,35,36,37,38}-flower-[0-9]* for vulnerability class 'cross-site-scripting'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-16925 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2023-45139 CVE-2025-66034 Upstream summary: pkgsrc audit-packages flagged py{37,38,39,310,311,312}-fonttools>4.28.2<4.43.0 for vulnerability class 'xml-external-entity-vulnerability'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-45139 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2025-11687 Upstream summary: pkgsrc audit-packages flagged py{27,310,311,312,313,314}-gi-docgen<2025.5 for vulnerability class 'cross-site-scripting'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-11687 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2013-7323 CVE-2014-1927 CVE-2014-1928 CVE-2014-1929 Upstream summary: pkgsrc audit-packages flagged py{34,33,32,27,26}-gnupg<0.3.6 for vulnerability class 'arbitrary-command-execution'. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2018-1000164 Upstream summary: pkgsrc audit-packages flagged py{27,34,35,36}-gunicorn<19.5.0 for vulnerability class 'http-header-injection'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-1000164 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: NetBSD 9.4 📖 ~4 min read  •  Source: pkgsrc audit-packages entry Related CVEs: CVE-2025-43859 Upstream summary: pkgsrc audit-packages flagged py{39,310,311,312,313}-h11<0.16.0 for vulnerability class 'request-smuggling'. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-43859 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis […]