{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-9669", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "state": "PUBLISHED", "assignerShortName": "PSF", "dateReserved": "2026-05-27T03:13:18.152Z", "datePublished": "2026-06-08T22:01:15.420Z", "dateUpdated": "2026-06-16T12:23:44.258Z" }, "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "bz2" ], "product": "CPython", "repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "versions": [ { "version": "0", "lessThan": "3.13.14", "status": "affected", "versionType": "python" }, { "version": "3.14.0", "lessThan": "3.14.6", "status": "affected", "versionType": "python" }, { "version": "3.15.0a1", "lessThan": "3.15.0", "status": "affected", "versionType": "python" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Bitshift (https://github.com/TheShiftedBit)" }, { "lang": "en", "type": "coordinator", "value": "Emma Smith (https://github.com/emmatyping)" }, { "lang": "en", "type": "remediation developer", "value": "Stan Ulbrych (https://github.com/StanFromIreland)" }, { "lang": "en", "type": "remediation reviewer", "value": "Serhiy Storchaka (https://github.com/serhiy-storchaka)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "type": "text/html", "value": "bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer. This could crash the process when processing untrusted data." } ], "value": "bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer. This could crash the process when processing untrusted data." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 8.2, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based buffer overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-06-10T18:57:19.975Z" }, "references": [ { "tags": [ "patch" ], "url": "https://github.com/python/cpython/pull/150600" }, { "tags": [ "vendor-advisory" ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/DBJZETMGUIFK7DVUWMOXHD3Z6IX2QPSX/" }, { "tags": [ "issue-tracking" ], "url": "https://github.com/python/cpython/issues/150599" }, { "tags": [ "patch" ], "url": "https://github.com/python/cpython/commit/157a5df8cb5d82b33f918a7489e72ce95ceb12b6" }, { "tags": [ "patch" ], "url": "https://github.com/python/cpython/commit/5755d0f083949ff3c5bf3a37e673e24e306b036e" }, { "tags": [ "patch" ], "url": "https://github.com/python/cpython/commit/619a12b2e545391dc436b3af79dda22337382a6f" }, { "tags": [ "patch" ], "url": "https://github.com/python/cpython/commit/d3ca26983dfbccdf609f24ff5877dc3118e4702d" } ], "source": { "discovery": "UNKNOWN" }, "title": "bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow", "x_generator": { "engine": "cvelib 1.8.0" } }, "adp": [ { "title": "CVE Program Container", "references": [ { "url": "http://www.openwall.com/lists/oss-security/2026/06/08/17" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-06-08T23:27:25.188Z" } }, { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2026-06-16T12:23:25.378543Z", "id": "CVE-2026-9669", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-16T12:23:44.258Z" } } ] } }