CVE-2026-5713

Source
https://cve.org/CVERecord?id=CVE-2026-5713
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-5713.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-5713
Aliases
Downstream
Related
Published
2026-04-14T15:11:51.122Z
Modified
2026-07-16T08:28:05.612328Z
Severity
  • 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target
Details

The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via the remote debugging feature. This vulnerability requires persistently and repeatedly connecting to the process to be exploited, even after the connecting process crashes with high likelihood due to ASLR.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/5xxx/CVE-2026-5713.json",
    "cna_assigner": "PSF",
    "cwe_ids": [
        "CWE-121",
        "CWE-125"
    ]
}
References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type
GIT
Repo
https://github.com/python/cpython
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "3.14.0"
        },
        {
            "fixed": "3.14.5"
        },
        {
            "introduced": "3.15.0a1"
        },
        {
            "fixed": "3.15.0b1"
        }
    ]
}

Affected versions

v3.*
v3.14.0
v3.14.1
v3.14.2
v3.14.3
v3.14.4
v3.14.5rc1

Database specific

vanir_signatures_modified
"2026-07-16T08:28:05Z"
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-5713.json"
vanir_signatures
[
    {
        "source": "https://github.com/python/cpython/commit/316f6265b7f9ca4ffed5346b747475ef1943f35d",
        "signature_version": "v1",
        "digest": {
            "length": 434.0,
            "function_hash": "122592924793283420928162209528572817026"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-11893e5e",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging_module.c",
            "function": "read_async_debug"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/316f6265b7f9ca4ffed5346b747475ef1943f35d",
        "signature_version": "v1",
        "digest": {
            "length": 451.0,
            "function_hash": "36480780066444008084315036051470167371"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-266e0e3e",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging_module.c",
            "function": "find_frame_in_chunks"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/316f6265b7f9ca4ffed5346b747475ef1943f35d",
        "signature_version": "v1",
        "digest": {
            "length": 2320.0,
            "function_hash": "23673001623472090632997526213511537353"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-5aa714b8",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging_module.c",
            "function": "_remote_debugging_RemoteUnwinder___init___impl"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "length": 427.0,
            "function_hash": "245981505972492190890653013322972258791"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-675f38c1",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging/asyncio.c",
            "function": "read_async_debug"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "length": 3203.0,
            "function_hash": "336267078754507233895692800265045832709"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-69ac6341",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging/module.c",
            "function": "_remote_debugging_RemoteUnwinder___init___impl"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "length": 533.0,
            "function_hash": "42568520184731819157788302753139868446"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-73e6f6cc",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging/frames.c",
            "function": "find_frame_in_chunks"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/316f6265b7f9ca4ffed5346b747475ef1943f35d",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "154369101293967237038745175943453341882",
                "70741686929267821423958649029259500983",
                "187702762548167601262330057507620516207",
                "330883617293950193939203968526815134024",
                "203241740307238504333504378599058256843",
                "334017579599260608772497887781216791089",
                "102785165037480089344419425717698065139",
                "12159153284738911503283705827969832485",
                "97369464338109856136602336089336516791",
                "320228579165286373722569585320823642822",
                "254097505792159030800901135630839785883",
                "297295444819886776360825326696600298970",
                "40871188566960555797534865343993917120",
                "204605549872721594326556575498169706119",
                "260225886543147551484568093290489680913",
                "10890973065704760779058565016116937372",
                "157876391673519883231775916615012091535",
                "95468143904920739101499679098612306899",
                "169811338141474229889964640036945872966",
                "150003071285017334494616244123710064499",
                "153713667884103464519352301069382464122",
                "178622082556897497605004074932221108105",
                "236564396193595019058132210971314991807",
                "152086807615253876703030047474672125569",
                "243136757518700513353262613171805775750",
                "285708693124834684150283698736145713616",
                "82154586460391812451986551836703406410",
                "193915943557584955820597461367109601366",
                "324977655739534484680364669447929522755",
                "172875994508637988581630580447631477338",
                "268177398782905625784657497019566427652"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-5713-7feb7058",
        "signature_type": "Line",
        "target": {
            "file": "Modules/_remote_debugging_module.c"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "length": 420.0,
            "function_hash": "220648592042851214713592688769696726902"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-8b4535f2",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging/asyncio.c",
            "function": "ensure_async_debug_offsets"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "149590914155636874669696007226452197698",
                "260225886543147551484568093290489680913",
                "10890973065704760779058565016116937372",
                "157876391673519883231775916615012091535",
                "95468143904920739101499679098612306899",
                "31381927340001534216061549329048069732",
                "114697188066321940155513418539802957569",
                "297758372313771915193870983901370545217",
                "16243910240824376198842730507195351206",
                "214992813336529931958126309895145929143",
                "277420593219157965054539149479059606812"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-5713-8f2374a5",
        "signature_type": "Line",
        "target": {
            "file": "Modules/_remote_debugging/asyncio.c"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "length": 1522.0,
            "function_hash": "140914305182492835418233589173880173566"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-8f79bd88",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging/module.c",
            "function": "validate_debug_offsets"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "202669564105719786428683120521353116508",
                "243136757518700513353262613171805775750",
                "285708693124834684150283698736145713616",
                "82154586460391812451986551836703406410"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-5713-995742ee",
        "signature_type": "Line",
        "target": {
            "file": "Modules/_remote_debugging/frames.c"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/316f6265b7f9ca4ffed5346b747475ef1943f35d",
        "signature_version": "v1",
        "digest": {
            "length": 1536.0,
            "function_hash": "282863474242457553084245483536917711810"
        },
        "deprecated": false,
        "id": "CVE-2026-5713-b013238d",
        "signature_type": "Function",
        "target": {
            "file": "Modules/_remote_debugging_module.c",
            "function": "validate_debug_offsets"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "183284707183075176221906497311761896164",
                "128400124836604653930790894248897557804",
                "254097505792159030800901135630839785883",
                "297295444819886776360825326696600298970",
                "40871188566960555797534865343993917120",
                "139960504989181189296839754167187329900",
                "193915943557584955820597461367109601366",
                "324977655739534484680364669447929522755",
                "172875994508637988581630580447631477338",
                "268177398782905625784657497019566427652"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-5713-f3fdb1bb",
        "signature_type": "Line",
        "target": {
            "file": "Modules/_remote_debugging/module.c"
        }
    },
    {
        "source": "https://github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "298223400776913315262921146786735091506",
                "222999565188564283060666387866510370610",
                "102785165037480089344419425717698065139",
                "244193805291779794716975476202033032583",
                "20565281032612973554945880527344290634",
                "194685666717727536801597506645175765752",
                "50166351641283881063593890755576094205"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "id": "CVE-2026-5713-f8ff6759",
        "signature_type": "Line",
        "target": {
            "file": "Modules/_remote_debugging/_remote_debugging.h"
        }
    }
]