python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

Important: Red Hat Security Advisory: python3.9 security update

An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

RHSA-2026:19549 Red Hat Security Advisory: python3 security update

Bulletin has no description...

RHSA-2026:19366 Red Hat Security Advisory: python-markdown security update

Bulletin has no description...

RHSA-2026:19197 Red Hat Security Advisory: python-jwcrypto security update

Bulletin has no description...

RHSA-2026:19189 Red Hat Security Advisory: python-tornado security update

Bulletin has no description...

RHSA-2026:19177 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

RHSA-2026:19175 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

RHSA-2026:19155 Red Hat Security Advisory: python-markdown security update

Bulletin has no description...

RHSA-2026:19064 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

RHSA-2026:19042 Red Hat Security Advisory: python-jwcrypto security update

Bulletin has no description...

RHSA-2026:19034 Red Hat Security Advisory: python-tornado security update

Bulletin has no description...

RHSA-2026:19019 Red Hat Security Advisory: python3.14 security update

Bulletin has no description...

RHSA-2026:18957 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

RHSA-2026:18958 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

RHSA-2026:18693 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

Important: Red Hat Security Advisory: python3.9 security update

An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...