OESA-2026-1463 python3 security update

🗓️ 28 Feb 2026 12:46:00Reported by GoogleType

osv

osv🔗 osv.dev👁 4 Views

Python security update fixes cookie values, header names and values, and email header injections.

Reporter	Title	Published	Views	Family All 663
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found in CICS Transaction Gateway for Multiplatforms.	21 May 202614:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues	18 Jun 202620:00	–	ibm
ATTACKERKB	CVE-2026-0672	20 Jan 202621:52	–	attackerkb
ATTACKERKB	CVE-2026-1299	23 Jan 202616:27	–	attackerkb
ATTACKERKB	CVE-2026-0865	20 Jan 202621:26	–	attackerkb
ATTACKERKB	CVE-2026-3644	16 Mar 202617:37	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2026-1437)	19 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2026-1444)	19 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2026-1447)	6 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2026-1583)	13 Apr 202600:00	–	nessus

Source	Link
openeuler	www.openeuler.org/zh/security/security-bulletins/detail/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-0672
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-0865
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-1299

28 Feb 2026 13:03Current

6Medium risk

Vulners AI Score6

CVSS 46

EPSS0.0056

SSVC

cookie values header injection email header injection wsgiref headers bytes generator