Vulners
Lucene search
Linux Distros Unpatched Vulnerability : CVE-2026-12003
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2026-12003 | 16 Jun 202617:42 | – | circl |
 | CVE-2026-12003 | 16 Jun 202615:18 | – | cve |
 | CVE-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation | 16 Jun 202615:18 | – | cvelist |
 | EUVD-2026-37125 | 16 Jun 202615:18 | – | euvd |
 | CVE-2026-12003 | 16 Jun 202617:16 | – | nvd |
 | PSF-2026-28 | 16 Jun 202615:18 | – | osv |
| UBUNTU-CVE-2026-12003 | 17 Jun 202600:00 | – | osv |
 | PT-2026-49724 | 16 Jun 202600:00 | – | ptsecurity |
 | CVE-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation | 16 Jun 202615:18 | – | vulnrichment |
| Source | Link |
|---|---|
| ubuntu | www.ubuntu.com/security/CVE-2026-12003 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(321379);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/17");
script_cve_id("CVE-2026-12003");
script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2026-12003");
script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.
- To allow builds of Python to be run from an in-tree layout (rather than an installed file layout), the
VPATH variable is defined at build time and used to locate certain landmarks - specifically,
Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python
assumes it is running in a source tree and generates a different default sys.path. This code remains in
release builds, so that release-ready builds can be built in-tree. On Windows, since builds are written to
'PCbuild/', the value of VPATH is set to '..\..', which results in a landmark of
'..\..\Modules\setup.local'. This path is outside the install directory of Python, and may have different
permissions, potentially allowing a low-privilege user to create the landmark and an alternative `Lib`
folder that will be discovered by an otherwise restricted install. Such a setup occurs with the legacy
default install location for all users (in the now superseded EXE installer), due to how Windows allows
all users to create folders in the root directory of their OS drive. Our recommended mitigation on Windows
is to migrate away from the legacy installer and use the new [Python install
manager](https://www.python.org/downloads/latest/pymanager/) to install for the current user. Installs
where the directory two levels above the Python installation directory have equivalent permissions are
unaffected (in general, a per-user install cannot be modified at all by other users, removing any
escalation of privilege risk, and could be directly modified by a privileged user, making the potential
tampering irrelevant). Alternative mitigations might include preemptively creating and restricting access
to a `Modules` directory. Be aware that only 3.13 and 3.14 will receive updated legacy installers -
earlier fixes are only provided as sources. Platforms other than Windows allow VPATH to be overridden, but
as they don't usually use a separated directory in the build for binaries, are unlikely to have a landmark
reference outside of the install directory. The landmark detection involving VPATH is a fallback for when
a more specific landmark - .\pybuilddir.txt - is absent, and was included for compatibility. Future
releases of Python will no longer include the fallback, and so builds will need to generate or preserve
the pybuilddir.txt file in order to work in-tree. This landmark file has been generated on Windows since
3.11, and on other platforms for longer. (CVE-2026-12003)
Note that Nessus relies on the presence of the package as reported by the vendor.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2026-12003");
script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-12003");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vendor_unpatched", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/06/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/17");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:25.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:26.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cython");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
script_require_ports("Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04", "Host/OS/Ubuntu Linux-25.10", "Host/OS/Ubuntu Linux-26.04");
exit(0);
}
if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);
include('linux_unpatched.inc');
var distro_constraints_array = {
"Ubuntu Linux-16.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "16.04",
"pkgs": [
{"reference": "cython"}
]
}
]
},
"Ubuntu Linux-18.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "18.04",
"pkgs": [
{"reference": "cython"}
]
}
]
},
"Ubuntu Linux-20.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "20.04",
"pkgs": [
{"reference": "cython"}
]
}
]
},
"Ubuntu Linux-22.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "22.04",
"pkgs": [
{"reference": "cython"}
]
}
]
},
"Ubuntu Linux-24.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "24.04",
"pkgs": [
{"reference": "cython"}
]
}
]
},
"Ubuntu Linux-25.10": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "25.10",
"pkgs": [
{"reference": "cython"}
]
}
]
},
"Ubuntu Linux-26.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "26.04",
"pkgs": [
{"reference": "cython"}
]
}
]
}
};
var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : report
);
exit(0);
}
else
{
audit(AUDIT_HOST_NOT, 'affected');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 00:00Current
5.4Medium risk
Vulners AI Score5.4
CVSS 45.3
EPSS0.00136
SSVC