RLSA-2026:10950

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

• expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)

• python: Quadratic complexity in os.path.expandvars() with user-controlled template (CVE-2025-6075)

• cpython: Out-of-memory when loading Plist (CVE-2025-13837)

• cpython: Header injection via newlines in data URL mediatype in Python (CVE-2025-15282)

• cpython: Header injection in http.cookies.Morsel in Python (CVE-2026-0672)

• cpython: CPython: Logging Bypass in Legacy .pyc File Handling (CVE-2026-2297)

• cpython: Incomplete control character validation in http.cookies (CVE-2026-3644)

• cpython: Stack overflow parsing XML with deeply nested DTD content models (CVE-2026-4224)

• python: Python: HTTP header injection via CR/LF in proxy tunnel headers (CVE-2026-1502)

• python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100)

• python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.