CVE-2026-12003 | Python CPython up to 3.14.x on Windows Installation Directory Modules/setup.local VPATH uncontrolled search path (ID 151544)

A vulnerability, which was classified as problematic, was found in Python CPython up to 3.14.x on Windows. This vulnerability affects unknown code of the file Modules/setup.local of the component Installation Directory Handler. The manipulation of the argument VPATH results in uncontrolled search path.

This vulnerability is reported as CVE-2026-12003. The attack requires a local approach. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More