CVE-2026-3446

🗓️ 10 Apr 2026 19:16:00Reported by ubuntu.comType

Base64 decoding stops at the first padded quad, causing inconsistent data handling; use validate True for strict processing.

Reporter	Title	Published	Views	Family All 60
ATTACKERKB	CVE-2026-3446	10 Apr 202618:17	–	attackerkb
Circl	CVE-2026-3446	11 Apr 202602:35	–	circl
CNNVD	Python 安全漏洞	10 Apr 202600:00	–	cnnvd
CVE	CVE-2026-3446	10 Apr 202618:17	–	cve
Cvelist	CVE-2026-3446 Base64 decoding stops at first padded quad by default	10 Apr 202618:17	–	cvelist
Debian CVE	CVE-2026-3446	10 Apr 202618:17	–	debiancve
EUVD	EUVD-2026-21545	10 Apr 202621:31	–	euvd
NVD	CVE-2026-3446	10 Apr 202619:16	–	nvd
OPENSUSE Linux	python310-3.10.20-5.1 on GA media (moderate)	20 Apr 202600:00	–	opensuse
OPENSUSE Linux	python315-3.15.0~a8-2.1 on GA media (moderate)	20 Apr 202600:00	–	opensuse

OS	OS Version	Architecture	Package	Filename
Ubuntu	26.04	any	pypy3	pypy3_0_any.deb
Ubuntu	20.04	any	pypy3	pypy3_0_any.deb
Ubuntu	22.04	any	pypy3	pypy3_0_any.deb
Ubuntu	24.04	any	pypy3	pypy3_0_any.deb
Ubuntu	25.10	any	pypy3	pypy3_0_any.deb
Ubuntu	14.04	any	python2.7	python2.7_0_any.deb
Ubuntu	16.04	any	python2.7	python2.7_0_any.deb
Ubuntu	18.04	any	python2.7	python2.7_0_any.deb
Ubuntu	20.04	any	python2.7	python2.7_0_any.deb
Ubuntu	22.04	any	python2.7	python2.7_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
mail	www.mail.python.org/archives/list/[email protected]/thread/F5ZT5ICGJ6CKXVUJ34YBVY7WOZ5SHG53/
github	www.github.com/python/cpython/issues/145264
github	www.github.com/python/cpython/pull/145267
github	www.github.com/python/cpython/commit/1f9958f909c1b41a4ffc0b613ef8ec8fa5e7c474
github	www.github.com/python/cpython/commit/4561f6418a691b3e89aef0901f53fe0dfb7f7c0e
github	www.github.com/python/cpython/commit/e31c55121620189a0d1a07b689762d8ca9c1b7fa

16 Apr 2026 03:59Current

5.7Medium risk

Vulners AI Score5.7

CVSS 46

EPSS0.00188

SSVC