CVE-2026-1502 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

openSUSE / SLES Releases

openSUSE Product

Release

libpython3_10-1_0

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

libpython3_4m1_0

suse enterprise server 12 SP3	3.4.10-25.185.1 fixed
suse enterprise server 12 SP5	3.4.10-25.185.1 fixed

libpython3_4m1_0-32bit

suse enterprise server 12 SP5

3.4.10-25.185.1

fixed

libpython3_6m1_0

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

libpython3_9-1_0

suse enterprise server 15 SP5

3.9.25-150300.4.106.1

fixed

python3

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 12 SP3	3.4.10-25.185.1 fixed
suse enterprise server 12 SP5	3.4.10-25.185.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-base

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 12 SP3	3.4.10-25.185.1 fixed
suse enterprise server 12 SP5	3.4.10-25.185.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-curses

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 12 SP3	3.4.10-25.185.1 fixed
suse enterprise server 12 SP5	3.4.10-25.185.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-dbm

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-devel

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 12 SP5	3.4.10-25.185.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-idle

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-tk

suse enterprise desktop 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise sap 15 SP7	3.6.15-150300.10.118.1 fixed
suse enterprise server 12 SP5	3.4.10-25.185.1 fixed
suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP7	3.6.15-150300.10.118.1 fixed

python3-tools

suse enterprise server 15 SP4	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP5	3.6.15-150300.10.118.1 fixed
suse enterprise server 15 SP6	3.6.15-150300.10.118.1 fixed

python310

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-base

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-curses

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-dbm

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-devel

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-idle

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-tk

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python310-tools

suse enterprise server 15 SP4

3.10.20-150400.4.112.1

fixed

python39

suse enterprise server 15 SP5

3.9.25-150300.4.106.1

fixed

python39-base

suse enterprise server 15 SP5

3.9.25-150300.4.106.1

fixed

python39-curses

suse enterprise server 15 SP5

3.9.25-150300.4.106.1

fixed

python39-dbm

suse enterprise server 15 SP5

3.9.25-150300.4.106.1

fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

python3.12

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.12-debug

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.12-devel

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.12-idle

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.12-libs

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.12-rpm-macros

RHEL 8

0:3.12.13-2.el8_10

fixed

python3.12-test

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.12-tkinter

RHEL 8	0:3.12.13-2.el8_10 fixed
RHEL 9	0:3.12.13-2.el9_8 fixed

python3.14

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-debug

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-devel

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading-debug

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading-devel

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading-idle

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading-libs

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading-test

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-freethreading-tkinter

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-idle

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-libs

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-test

RHEL 9

0:3.14.4-2.el9_8

fixed

python3.14-tkinter

RHEL 9

0:3.14.4-2.el9_8

fixed

Common Weakness Enumeration

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
The software uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

References

https://github.com/python/cpython/commit/05ed7ce7ae9e17c23a04085b2539fe6d6d3cef69

https://github.com/python/cpython/commit/b1cf9016335cb637c5a425032e8274a224f4b2ed

https://github.com/python/cpython/issues/146211

https://github.com/python/cpython/pull/146212

https://mail.python.org/archives/list/security-announce@python.org/thread/2IVPAEQWUJBCTQZEJEVTYCIKSMQPGRZ3/

http://www.openwall.com/lists/oss-security/2026/04/11/4