https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-18T12:32:13.295144+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/238285c8-1bab-4c3f-9b04-680ad2072567/export238285c8-1bab-4c3f-9b04-680ad20725672026-06-18T12:32:13.675334+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "238285c8-1bab-4c3f-9b04-680ad2072567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mogdvv6nl72p", "content": "[oss-security][CVE-2026-12003] CPython In-tree (development) search paths can be enabled without modifying install directory", "creation_timestamp": "2026-06-16T17:42:32.691785Z"}2026-06-16T17:42:32.691785+00:00https://vulnerability.circl.lu/sighting/afadf0d0-f58f-4ef6-ad0c-a765a8c2e1fb/exportafadf0d0-f58f-4ef6-ad0c-a765a8c2e1fb2026-06-18T12:32:13.675197+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "afadf0d0-f58f-4ef6-ad0c-a765a8c2e1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogh75ee632m", "content": "CVE-2026-12003 - CPython >3.11 Insecure Input Validation resulting in privilege escalation\nCVE ID : CVE-2026-12003\n \n Published : June 16, 2026, 5:16 p.m. | 15\u00a0minutes ago\n \n Description : To allow builds of Python to be run from an in-tree layout (rather than\nan installed fil...", "creation_timestamp": "2026-06-16T18:41:26.870563Z"}2026-06-16T18:41:26.870563+00:00https://vulnerability.circl.lu/sighting/b7059742-7089-4f6e-83c4-b62d250d2a3a/exportb7059742-7089-4f6e-83c4-b62d250d2a3a2026-06-18T12:32:13.675028+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "b7059742-7089-4f6e-83c4-b62d250d2a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moisqvs4mz2g", "content": "CVE-2026-12003, from Jake Yamaki of Bishop Fox: CPython uses VPATH and a Modules/setup.local landmark to find in-tree builds, so a low-privilege Windows user can create that path outside the install dir and inject libraries. CVSSv4 5.3. Should release builds ever look for landmarks? #Python", "creation_timestamp": "2026-06-17T17:13:31.307084Z"}2026-06-17T17:13:31.307084+00:00https://vulnerability.circl.lu/sighting/069b3e2b-d49e-4f10-b9a6-b071707ea2df/export069b3e2b-d49e-4f10-b9a6-b071707ea2df2026-06-18T12:32:13.673000+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "069b3e2b-d49e-4f10-b9a6-b071707ea2df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moivkbiuej2p", "content": "CVE-2026-12003 hits Windows Python users across 3.11.15, 3.12.13, 3.13.14, 3.14.6, 3.15.0b2 and earlier: a low-privilege account can inject library folders through a path CPython uses to detect in-tree builds. CVSSv4 5.3. How many Python versions are on your Windows machines? #Python", "creation_timestamp": "2026-06-17T18:03:29.710510Z"}2026-06-17T18:03:29.710510+00:00