CVE-2026-3479 | Python CPython up to 3.14.x pkgutil.get_data resource path traversal

A vulnerability marked as critical has been reported in Python CPython up to 3.14.x. Affected by this vulnerability is the function pkgutil.get_data. The manipulation of the argument resource leads to path traversal.

This vulnerability is listed as CVE-2026-3479. The attack must be carried out locally. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More