CVE-2026-1299

ADVISORY - nist

Summary

The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email folding rules, the new behavior will reject the incorrectly folded headers in "BytesGenerator".

EPSS Score⁠: 0.00046 (0.141)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-93⁠

Improper Neutralization of CRLF Sequences ('CRLF Injection')

Impacted images

Advisories

Docker

CREATED

1 month ago

UPDATED

12 days ago

ADVISORY ID

CVE-2026-1299

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
python	dhi	-	-	<3.13.12	3.13.12
python	dhi	-	-	>=3.14.0-alpha1,<3.14.3	3.14.3
python	dhi	-	-	>=3.15.0-alpha1,<3.15.0-alpha6	3.15.0-alpha6

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

1 month ago

UPDATED

12 days ago

ADVISORY IDCVE-2026-1299⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-93⁠

CVSS SCORE

6medium

Debian

CREATED

1 month ago

UPDATED

7 days ago

ADVISORY IDCVE-2026-1299⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

1 month ago

UPDATED

10 hours ago

ADVISORY IDCVE-2026-1299⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

21 days ago

UPDATED

20 days ago

ADVISORY IDALSA-2026:2128⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

9 days ago

UPDATED

9 days ago

ADVISORY IDALAS2023-2026-1437⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

13 days ago

UPDATED

13 days ago

ADVISORY IDALAS2023-2026-1444⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

23 days ago

UPDATED

3 days ago

ADVISORY ID

BIT-libpython-2026-1299

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6medium

Bitnami

CREATED

23 days ago

UPDATED

3 days ago

ADVISORY ID

BIT-python-2026-1299

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6medium

Bitnami

CREATED

23 days ago

UPDATED

5 days ago

ADVISORY ID

BIT-python-min-2026-1299

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6medium

Oracle

CREATED

21 days ago

UPDATED

21 days ago

ADVISORY IDELSA-2026-2128⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

14 days ago

UPDATED

14 days ago

ADVISORY ID

CGA-pjgm-mfph-cxr6

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY