SUSE CVE-2026-25673

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-25673 via django (>=4.2.0 <=4.2.28)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-25673 Source advisory: SNYK:PYTHON-DJANGO-15371389...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +28 more potentially affected by CVE-2026-25673 via django (>=5.2.0 <=5.2.11)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 and more Source cves: CVE-2026-25673 Source advisory: SNYK:PYTHON-DJANGO-15371389...

arches (=8.0.0a1), django-accounts-api (=1.2.5) +26 more potentially affected by CVE-2026-25673 via django (>=6.0.0 <=6.0.2)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =6.0.0rc1 and more Source cves: CVE-2026-25673 Source advisory: SNYK:PYTHON-DJANGO-15371389...

CVE-2026-25673

creationtimestamp| type| source ---|---|--- 2026-03-03 15:52:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg64sxpox22y 2026-03-03 16:20:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mg66ev2kou2n 2026-03-03 17:52:57+00:00| seen|...

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-25673 via django (>=4.2.0 <=4.2.28)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-25673 Source advisory: OSV:GHSA-8P8V-WH79-9R56...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +28 more potentially affected by CVE-2026-25673 via django (>=5.2.0 <=5.2.11)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 and more Source cves: CVE-2026-25673 Source advisory: OSV:GHSA-8P8V-WH79-9R56...

arches (=8.0.0a1), django-accounts-api (=1.2.5) +26 more potentially affected by CVE-2026-25673 via django (>=6.0.0 <=6.0.2)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =6.0.0rc1 and more Source cves: CVE-2026-25673 Source advisory: OSV:GHSA-8P8V-WH79-9R56...

CVE-2026-25673

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...

CVE-2026-25673

Django is affected in multiple supported branches: 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. The issue arises in URLField.to_python(), where urllib.parse.urlsplit() performs NFKC normalization on Windows, causing excessive processing time for certain Unicode characters and enabl...

CVE-2026-25673

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...