CVE-2026-0864 - Configuration Injection via Carriage Return (\r) in write() method
CVE ID :CVE-2026-0864
Published : June 23, 2026, 5:42 p.m. | 1 hour, 59 minutes ago
Description :When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 23, 2026, 5:42 p.m. | 1 hour, 59 minutes ago
Description :When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...