NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-9669

Summary	bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer. This could crash the process when processing untrusted data.
Publication Date	June 9, 2026, 8:17 a.m.
Registration Date	June 10, 2026, 4:12 a.m.
Last Update	June 9, 2026, 10:49 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/python/cpython/issues/150599	cna@python.org
2	https://github.com/python/cpython/pull/150600	cna@python.org
3	https://mail.python.org/archives/list/security-announce@python.org/thread/DBJZETMGUIFK7DVUWMOXHD3Z6IX2QPSX/	cna@python.org
4	http://www.openwall.com/lists/oss-security/2026/06/08/17	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-121	スタックオーバーフロー	https://cwe.mitre.org/data/definitions/121.html