CVE-2026-0864: Vulnerability in Python Software Foundation CPython
When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r), the resulting file could be injected with unexpected keys and values if the attacker controls the written value.
AI Analysis
Technical Summary
CVE-2026-0864 is a vulnerability in the CPython configparser module where writing configuration files with multi-line text values containing carriage return characters (\r) can lead to injection of unexpected keys and values. This happens if an attacker controls the value being written, potentially manipulating the configuration file structure. The vulnerability affects CPython versions before 3.15.0. No official patch or remediation level has been stated in the available data.
Potential Impact
An attacker with the ability to control values written by the configparser module could inject unexpected keys and values into configuration files. This could lead to configuration manipulation or unexpected behavior in applications relying on these config files. The CVSS score of 4.1 indicates a medium severity impact, requiring some privileges and user interaction for exploitation.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, avoid writing untrusted multi-line text containing carriage return characters using the configparser module or sanitize inputs to prevent injection of control characters.
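One way to apply the input-sanitization advice above, as an added example that is not code from the advisory or from CPython: validate each value before it reaches configparser, then confirm that the serialized file parses back to the same sections and keys. The function names, the constructed sample value and the policy of allowing only "\n" and "\t" among control characters are assumptions of this example.

```python
import configparser
import io

# Assumed policy: "\n" and "\t" are legitimate in multi-line values; "\r" and
# every other control character are refused before the value reaches set().
ALLOWED_CONTROLS = {"\n", "\t"}

# Constructed sample of an attacker-influenced value (not taken from the advisory).
TAINTED = "first line\rextra_key = 1"


def check_value(value):
    """Return value unchanged, or raise ValueError on a forbidden control character."""
    for pos, ch in enumerate(value):
        if ch == "\x7f" or (ch < " " and ch not in ALLOWED_CONTROLS):
            raise ValueError(f"control character {ch!r} at offset {pos}")
    return value


def safe_set(cp, section, key, value):
    """Validate first, so a rejected value never enters the parser state."""
    check_value(value)
    if not cp.has_section(section):
        cp.add_section(section)
    cp.set(section, key, value)


def snapshot(cp):
    """Sections, keys and raw values as plain dicts, for comparison."""
    return {s: dict(cp.items(s, raw=True)) for s in cp.sections()}


def roundtrip_intact(cp):
    """Serialize, re-parse as a text-mode reader would, and compare structure."""
    buf = io.StringIO()
    cp.write(buf)
    # Text-mode file reads use universal newlines: "\r\n" and "\r" become "\n".
    text = buf.getvalue().replace("\r\n", "\n").replace("\r", "\n")
    reread = configparser.ConfigParser(interpolation=None)
    try:
        reread.read_string(text)
    except configparser.Error:
        return False
    return snapshot(reread) == snapshot(cp)
```

Calling roundtrip_intact(cp) before replacing the file on disk gives a second check that does not depend on the interpreter version: a False result means the written form would not parse back to the same keys and values.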
CVSS v4.0
Score: 4.1 (medium)
Technical Details
- Data Version: 5.2
- Assigner Short Name: PSF
- Date Reserved: 2026-01-12T16:07:55.453Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a3acbe4eed863c81e6c9a45
Added to database: 06/23/2026, 18:09:40 UTC
Last enriched: 06/23/2026, 18:25:02 UTC
Last updated: 06/23/2026, 22:23:51 UTC