CVE-2026-6019 | Python CPython up to 3.14.x HTML Parser http.cookies.Morsel.js_output control sequence (ID 90309)

A vulnerability identified as problematic has been detected in Python CPython up to 3.14.x. This affects the function http.cookies.Morsel.js_output of the component HTML Parser. This manipulation causes improper neutralization of escape, meta, or control sequences.

This vulnerability appears as CVE-2026-6019. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More