CVE-2026-9669
bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the
CVSS
—
Sin CVSS
EPSS
0.4%
p35
KEV
—
Exploit Today
11
0-100
Publicado: 8 jun 2026 · Última mod.: 7 jul 2026 · CWE-121
0.4%EPSS · 30 días0.4%
2026-06-302026-07-18
bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer. This could crash the process when processing untrusted data.
- github.comhttps://github.com/python/cpython/commit/157a5df8cb5d82b33f918a7489e72ce95ceb12b6
- github.comhttps://github.com/python/cpython/commit/5755d0f083949ff3c5bf3a37e673e24e306b036e
- github.comhttps://github.com/python/cpython/commit/619a12b2e545391dc436b3af79dda22337382a6f
- github.comhttps://github.com/python/cpython/commit/938ec030e90c5e53f1faac6fab1643f14e4f4a79
- github.comhttps://github.com/python/cpython/commit/d3ca26983dfbccdf609f24ff5877dc3118e4702d
- github.comhttps://github.com/python/cpython/issues/150599
- github.comhttps://github.com/python/cpython/pull/150600
- mail.python.orghttps://mail.python.org/archives/list/security-announce@python.org/thread/DBJZETMGUIFK7DVUWMOXHD3Z6IX2QPSX/
- www.openwall.comhttp://www.openwall.com/lists/oss-security/2026/06/08/17
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-510878.6 ALT94.0%
——28Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.14dCVE-2025-510885.3 MED92.6%
——28Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow.14dCVE-2025-510855.3 MED92.6%
——28Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow.14dCVE-2021-271378.1 ALT91.8%
——28An issue was discovered in router/upnp/src/ssdp.c in DD-WRT before 45724. An unsafe strcpy in the UPnP handling functionality allows an unauthenticated remote attacker to send a request that would overflow an internal fixed buffer. Exploitation requires the DD-WRT user to enable UPnP (which is off by default, and only listens on internal interfaces by default). This occurs in ssdp_msearch (reachable by an M-SEARCH request).2dCVE-2025-606908.8 ALT89.1%
——27A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function concatenates up to four user-supplied CGI parameters matching <parameter>_0~3 into a fixed-size buffer (a2) without bounds checking. Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication.14dCVE-2026-248818.1 ALT75.3%
——23In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that could lead to remote code execution.4d