CVE-2026-0865

ADVISORY - nist

Summary

User-controlled header names and values containing newlines can allow injecting HTTP headers.

EPSS Score⁠: 0.00132 (0.327)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-74⁠

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

ADVISORY - redhat

CWE-74⁠

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Impacted images

Advisories

Docker

CREATED

3 months ago

UPDATED

1 month ago

ADVISORY ID

CVE-2026-0865

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
python	dhi	-	-	>=3.13.0-alpha1,<3.13.13	3.13.13
alpine/python-3.10	apk	alpine	3.23	<3.10.20	3.10.20
alpine/python-3.10	apk	alpine	3.23	>=3.11.0-alpha1,<3.11.15	3.11.15
alpine/python-3.10	apk	alpine	3.23	>=3.12.0-alpha1,<3.12.13	3.12.13
alpine/python-3.10	apk	alpine	3.23	>=3.13.0-alpha1,<3.13.13	3.13.13
alpine/python-3.10	apk	alpine	3.23	>=3.14.0-alpha1,<3.14.4	3.14.4
alpine/python-3.10	apk	alpine	3.23	>=3.15.0-alpha1,<3.15.0-alpha7	3.15.0-alpha7
alpine/python-3.11	apk	alpine	3.23	<3.10.20	3.10.20
alpine/python-3.11	apk	alpine	3.23	>=3.11.0-alpha1,<3.11.15	3.11.15
alpine/python-3.11	apk	alpine	3.23	>=3.12.0-alpha1,<3.12.13	3.12.13
alpine/python-3.11	apk	alpine	3.23	>=3.13.0-alpha1,<3.13.13	3.13.13
alpine/python-3.11	apk	alpine	3.23	>=3.14.0-alpha1,<3.14.4	3.14.4
alpine/python-3.11	apk	alpine	3.23	>=3.15.0-alpha1,<3.15.0-alpha7	3.15.0-alpha7
alpine/python-3.12	apk	alpine	3.23	<3.10.20	3.10.20
alpine/python-3.12	apk	alpine	3.23	>=3.11.0-alpha1,<3.11.15	3.11.15
alpine/python-3.12	apk	alpine	3.23	>=3.12.0-alpha1,<3.12.13	3.12.13
alpine/python-3.12	apk	alpine	3.23	>=3.13.0-alpha1,<3.13.13	3.13.13
alpine/python-3.12	apk	alpine	3.23	>=3.14.0-alpha1,<3.14.4	3.14.4
alpine/python-3.12	apk	alpine	3.23	>=3.15.0-alpha1,<3.15.0-alpha7	3.15.0-alpha7
alpine/python-3.13	apk	alpine	3.23	<3.10.20	3.10.20
alpine/python-3.13	apk	alpine	3.23	>=3.11.0-alpha1,<3.11.15	3.11.15
alpine/python-3.13	apk	alpine	3.23	>=3.12.0-alpha1,<3.12.13	3.12.13
alpine/python-3.13	apk	alpine	3.23	>=3.13.0-alpha1,<3.13.13	3.13.13
alpine/python-3.13	apk	alpine	3.23	>=3.14.0-alpha1,<3.14.4	3.14.4
alpine/python-3.13	apk	alpine	3.23	>=3.15.0-alpha1,<3.15.0-alpha7	3.15.0-alpha7
alpine/python-3.14	apk	alpine	3.23	<3.10.20	3.10.20
alpine/python-3.14	apk	alpine	3.23	>=3.11.0-alpha1,<3.11.15	3.11.15
alpine/python-3.14	apk	alpine	3.23	>=3.12.0-alpha1,<3.12.13	3.12.13
alpine/python-3.14	apk	alpine	3.23	>=3.13.0-alpha1,<3.13.13	3.13.13
alpine/python-3.14	apk	alpine	3.23	>=3.14.0-alpha1,<3.14.4	3.14.4
alpine/python-3.14	apk	alpine	3.23	>=3.15.0-alpha1,<3.15.0-alpha7	3.15.0-alpha7
python	dhi	-	-	<3.10.20	3.10.20
python	dhi	-	-	>=3.11.0-alpha1,<3.11.15	3.11.15
python	dhi	-	-	>=3.12.0-alpha1,<3.12.13	3.12.13
python	dhi	-	-	>=3.14.0-alpha1,<3.14.4	3.14.4
python	dhi	-	-	>=3.15.0-alpha1,<3.15.0-alpha7	3.15.0-alpha7

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

3 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2026-0865⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-74⁠

CVSS SCORE

5.9medium

Debian

CREATED

3 months ago

UPDATED

16 hours ago

ADVISORY IDCVE-2026-0865⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

3 months ago

UPDATED

19 days ago

ADVISORY IDCVE-2026-0865⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALSA-2026:2128⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

30 days ago

UPDATED

26 days ago

ADVISORY IDALSA-2026:4168⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

28 days ago

UPDATED

26 days ago

ADVISORY IDALSA-2026:4463⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

28 days ago

UPDATED

20 days ago

ADVISORY IDALSA-2026:4473⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDALAS2-2026-3184⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDALAS2-2026-3185⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2026-1437⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2026-1444⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDALAS2023-2026-1447⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY ID

BIT-libpython-2026-0865

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Bitnami

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY ID

BIT-python-2026-0865

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Bitnami

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY ID

BIT-python-min-2026-0865

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.9medium

Red Hat

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2026-0865⁠

EXPLOITABILITY SCORE

0.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-74⁠

CVSS SCORE

4.5medium

Rocky

CREATED

28 days ago

UPDATED

28 days ago

ADVISORY IDRLSA-2026:4168⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

27 days ago

UPDATED

27 days ago

ADVISORY IDRLSA-2026:4463⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

26 days ago

UPDATED

26 days ago

ADVISORY IDRLSA-2026:4473⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

12 days ago

UPDATED

12 days ago

ADVISORY IDRLSA-2026:4713⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDELSA-2026-2128⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

28 days ago

UPDATED

28 days ago

ADVISORY IDELSA-2026-4463⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

28 days ago

UPDATED

28 days ago

ADVISORY IDELSA-2026-4473⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

23 days ago

UPDATED

23 days ago

ADVISORY IDELSA-2026-4713⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CGA-q8pr-wxrw-3vx3

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

MINI-8fcx-736x-vj46

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

MINI-99vm-pp5c-jc8p

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

MINI-fh4c-v6j3-p5x7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

MINI-fp4p-227x-m3w2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

MINI-jqfv-cqgf-j82c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY