CVE-2026-5713

medium

Red Hat

CVSS v3 Base Score

6.0

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

Attack Characteristics

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Confidentiality

High

Integrity

High

Availability

None

Published: April 14, 2026 (29 days ago)

Last Modified: April 14, 2026

Vendor: Red Hat

Source: REDHAT

Description

A flaw was found in Python. A malicious Python process could exploit the "profiling.sampling" module and "asyncio introspection capabilities" to read and write memory addresses within a privileged process. This vulnerability occurs when the privileged process connects to the malicious process via its remote debugging feature, potentially leading to information disclosure and arbitrary code execution. Successful exploitation requires repeated connections, which may cause instability in the connecting process.

CWE

CWE-822

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9Red Hat Enterprise Linux AI (RHEL AI) 3

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 github.com 🔗 github.com

CVE-2026-5713

Vulnerability Report

Description

CWE

Affected Products

References