{"vulnerability": "CVE-2026-12003", "sightings": [{"uuid": "238285c8-1bab-4c3f-9b04-680ad2072567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mogdvv6nl72p", "content": "[oss-security][CVE-2026-12003] CPython In-tree (development) search paths can be enabled without modifying install directory", "creation_timestamp": "2026-06-16T17:42:32.691785Z"}, {"uuid": "afadf0d0-f58f-4ef6-ad0c-a765a8c2e1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogh75ee632m", "content": "CVE-2026-12003 - CPython >3.11 Insecure Input Validation resulting in privilege escalation\nCVE ID : CVE-2026-12003\n \n Published : June 16, 2026, 5:16 p.m. | 15\u00a0minutes ago\n \n Description : To allow builds of Python to be run from an in-tree layout (rather than\nan installed fil...", "creation_timestamp": "2026-06-16T18:41:26.870563Z"}, {"uuid": "b7059742-7089-4f6e-83c4-b62d250d2a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moisqvs4mz2g", "content": "CVE-2026-12003, from Jake Yamaki of Bishop Fox: CPython uses VPATH and a Modules/setup.local landmark to find in-tree builds, so a low-privilege Windows user can create that path outside the install dir and inject libraries. CVSSv4 5.3. Should release builds ever look for landmarks? #Python", "creation_timestamp": "2026-06-17T17:13:31.307084Z"}, {"uuid": "069b3e2b-d49e-4f10-b9a6-b071707ea2df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12003", "type": "seen", "source": "https://bsky.app/profile/canartuc.com/post/3moivkbiuej2p", "content": "CVE-2026-12003 hits Windows Python users across 3.11.15, 3.12.13, 3.13.14, 3.14.6, 3.15.0b2 and earlier: a low-privilege account can inject library folders through a path CPython uses to detect in-tree builds. CVSSv4 5.3. How many Python versions are on your Windows machines? #Python", "creation_timestamp": "2026-06-17T18:03:29.710510Z"}]}