5 matches found
CVE-2026-5271
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...
CVE-2026-5271
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...
CVE-2026-5271 Possible to hijack modules in current working directory
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...
CVE-2026-5271
CVE-2026-5271 concerns the Python tool pymanager, where the current working directory is added to sys.path. The underlying issue is that modules in the attacker-controlled directory can shadow intended packages, enabling a malicious module to be imported and executed when pymanager-generated comm...
CVE-2026-5271 Possible to hijack modules in current working directory
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...