{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-4516", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "state": "PUBLISHED", "assignerShortName": "PSF", "dateReserved": "2025-05-09T14:59:53.878Z", "datePublished": "2025-05-15T13:29:20.126Z", "dateUpdated": "2026-04-21T20:16:47.161Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CPython", "repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "versions": [{"version": "0", "lessThan": "3.10.18", "status": "affected", "versionType": "python"}, {"version": "3.11.0", "lessThan": "3.11.13", "status": "affected", "versionType": "python"}, {"version": "3.12.0", "lessThan": "3.12.11", "status": "affected", "versionType": "python"}, {"version": "3.13.0", "lessThan": "3.13.4", "status": "affected", "versionType": "python"}, {"version": "3.14.0a1", "lessThan": "3.14.0b2", "status": "affected", "versionType": "python"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError."}], "value": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 5.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-04-21T20:16:47.161Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://github.com/python/cpython/issues/133767"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/pull/129648"}, {"tags": ["vendor-advisory"], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77"}, {"tags": ["patch"], "url": "https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b"}], "source": {"discovery": "UNKNOWN"}, "title": "Use-after-free in \"unicode_escape\" decoder with error handler", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-15T14:18:44.612125Z", "id": "CVE-2025-4516", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T14:18:50.599Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/05/16/4"}, {"url": "http://www.openwall.com/lists/oss-security/2025/05/19/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-19T10:03:31.542Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/05/16/4"}, {"url": "http://www.openwall.com/lists/oss-security/2025/05/19/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-19T10:03:31.542Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4516", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-15T14:18:44.612125Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T14:18:48.076Z"}}], "cna": {"title": "Use-after-free in \"unicode_escape\" decoder with error handler", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/python/cpython", "vendor": "Python Software Foundation", "product": "CPython", "versions": [{"status": "affected", "version": "0", "lessThan": "3.10.18", "versionType": "python"}, {"status": "affected", "version": "3.11.0", "lessThan": "3.11.13", "versionType": "python"}, {"status": "affected", "version": "3.12.0", "lessThan": "3.12.11", "versionType": "python"}, {"status": "affected", "version": "3.13.0", "lessThan": "3.13.4", "versionType": "python"}, {"status": "affected", "version": "3.14.0a1", "lessThan": "3.14.0b2", "versionType": "python"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/python/cpython/issues/133767", "tags": ["issue-tracking"]}, {"url": "https://github.com/python/cpython/pull/129648", "tags": ["patch"]}, {"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/", "tags": ["vendor-advisory"]}, {"url": "https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77", "tags": ["patch"]}, {"url": "https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "supportingMedia": [{"type": "text/html", "value": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "28c92f92-d60d-412d-b760-e73465c3df22", "shortName": "PSF", "dateUpdated": "2026-04-21T20:16:47.161Z"}}}, "cveMetadata": {"cveId": "CVE-2025-4516", "state": "PUBLISHED", "dateUpdated": "2026-04-21T20:16:47.161Z", "dateReserved": "2025-05-09T14:59:53.878Z", "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22", "datePublished": "2025-05-15T13:29:20.126Z", "assignerShortName": "PSF"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError."}, {"lang": "es", "value": "Hay un problema en CPython al usar `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. Si no usa la codificaci\u00f3n \"unicode_escape\" ni un controlador de errores, su uso no se ve afectado. Para solucionar este problema, puede dejar de usar el controlador `error=` y, en su lugar, encapsular la llamada `bytes.decode()` en un `try-except` que capture el `DecodeError`."}], "id": "CVE-2025-4516", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@python.org", "type": "Secondary"}]}, "published": "2025-05-15T14:15:31.753", "references": [{"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/issues/133767"}, {"source": "cna@python.org", "url": "https://github.com/python/cpython/pull/129648"}, {"source": "cna@python.org", "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/05/16/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/05/19/1"}], "sourceIdentifier": "cna@python.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "cna@python.org", "type": "Secondary"}]}

{"bugzilla": {"description": "cpython: python: CPython DecodeError Handling Vulnerability", "id": "2366509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366509"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "A vulnerability has been identified in CPython's bytes.decode() function when used with the \"unicode_escape\" encoding and the \"ignore\" or \"replace\" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches like data exfiltration, the resulting unexpected program behavior could introduce instability, logic errors, or unintended side effects within applications that rely on this specific decoding functionality."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-4516", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "python", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.11", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python36:3.6/python36", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python39:3.9/python39", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python39-devel:3.9/python39", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.11", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.12", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.9", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-aws-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-azure-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-azure-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-gcp-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-intel-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/granite-3.1-8b-lab-v2.1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/granite-3.1-8b-starter-v2.1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/instructlab-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/instructlab-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-granite-3-1-8b-lab-v2-1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-granite-3-1-8b-starter-v2-1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}], "public_date": "2025-05-15T13:29:20Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-4516\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-4516\nhttps://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142\nhttps://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e\nhttps://github.com/python/cpython/issues/133767\nhttps://github.com/python/cpython/pull/129648\nhttps://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/"], "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-22T11:30:39.302935+00:00", "value": {"mitigation_remediation": ["Refactor any use of bytes.decode(\"unicode_escape\", error=\"ignore\" or \"replace\") to avoid these error handlers, using the default error handling or explicit exception handling instead.", "Wrap bytes.decode(\"unicode_escape\", ...) calls in a try\u2011except block that catches UnicodeDecodeError and handles the data safely.", "Keep CPython updated; apply official patches once available that fix the use\u2011after\u2011free; monitor Python security advisories for new releases."], "summary": {"action": "Apply Workaround", "impact": "Memory Corruption"}, "threat_synthesis": {"affected_systems": "The vulnerability affects CPython implementations from the Python Software Foundation. No specific versions are listed in the CNA data; all releases that allow the use of bytes.decode(\"unicode_escape\", error=\"ignore|replace\") are potentially impacted until a patch is released.", "description_and_impact": "A use\u2011after\u2011free flaw exists in CPython\u2019s unicode_escape decoder when the error handler parameter is set to \"ignore\" or \"replace\". The bug can corrupt memory in the interpreter, potentially leading to application crashes or, if an attacker can supply crafted input, to more severe consequences such as arbitrary code execution. The CVSS score of 5.9 reflects a moderate impact and the flaw is a classic use\u2011after\u2011free. The description does not indicate remote code execution in normal usage, but the underlying weakness remains a serious memory corruption risk.", "risk_and_exploitability": "The EPSS score is below 1%, indicating a very low likelihood of exploitation in the wild at this time. The CVSS score shows moderate severity, and the vulnerability is not currently listed in the CISA KEV catalog. Most likely the attack vector requires code that runs in the context of the vulnerable Python interpreter and supplies input that triggers the UnicodeDecodeError path. In typical deployments an attacker would need to supply crafted byte sequences that hit the error handler logic. Given the low EPSS and lack of public exploit activity, the immediate risk to most systems is low, although the memory corruption remains a serious concern if the flaw is exercised."}}}}, "created": "2025-06-24T09:44:16.733136+00:00", "updated": "2026-04-22T12:00:05.921641+00:00", "vendors": ["python", "python$PRODUCT$cpython"]}