python software foundation
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting python software foundation.
- BDU:2026-08551Уязвимость функции ast_for_if_stmt() интерпретатора языка программирования Python (CPython), связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании5.5
- CVE-2026-7210The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection7.5
- CVE-2026-3087shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs7.5
- CVE-2026-41140Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.48.7
- CVE-2026-6019BaseCookie.js_output() does not neutralize embedded characters6.1
- CVE-2026-5713Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target5.6
- CVE-2026-4786Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()7.1
- CVE-2026-6100Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure8.1
- CVE-2026-5271Possible to hijack modules in current working directory7.8
- CVE-2026-25645Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function4.4
- CVE-2026-4519webbrowser.open() allows leading dashes in URLs3.3
- CVE-2026-4224Stack overflow parsing XML with deeply nested DTD content models7.5
- CVE-2026-3644Incomplete control character validation in http.cookies7.5
- CVE-2025-13462tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling3.3
- CVE-2026-2297SourcelessFileLoader does not use io.open_code()5.5