CVE-2026-9669

Published: Giu 09, 2026 Last Modified: Giu 09, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,2

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer. This could crash the process when processing untrusted data.

121

Stack-based Buffer Overflow

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Modify Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Other

Applicable Platforms

Languages: Memory-Unsafe, C, C++

Likelihood of Exploit: High

View CWE Details

http://www.openwall.com/lists/oss-security/2026/06/08/17

https://github.com/python/cpython/issues/150599

https://github.com/python/cpython/pull/150600

https://mail.python.org/archives/list/security-announce@pyt…

https://mail.python.org/archives/list/[email protected]/thread/DBJZE…

CVE-2026-9669

Description

Stack-based Buffer Overflow

Common Consequences

Applicable Platforms

Iscriviti alla newsletter