There is a MEDIUM severity vulnerability affecting CPython. The Python remote debugging feature could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via the remote debugging feature. This vulnerability requires persistently and repeatedly connecting to the process to be exploited, even after the connecting process crashes with high likelihood due to ASLR.
Please see the linked CVE ID for the latest information on affected versions: * https://www.cve.org/CVERecord?id=CVE-2026-5713 * https://github.com/python/cpython/pull/148187
_______________________________________________ Security-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3//lists/security-announce.python.org Member address: [email protected]
