Buffer overflow in Python Software Foundation Cpython

CVE-2026-5713

The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write addresses in a privileged process if that proce…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (5.1th percentile) — read the EPSS interpretation.

Affected products

Python Software Foundation Cpython — versions 3.14.0

Weakness classification (CWE)

References

github.com/python/cpython/pull/148187 (patch)
github.com/python/cpython/issues/148178 (issue-tracking)
mail.python.org/archives/list/security-announce@python.org/thread/OG4RHARYSNIE2… (vendor-advisory)
github.com/python/cpython/commit/289fd2c97a7e5aecb8b69f94f5e838ccfeee7e67 (patch)