Sign In

CVE-2026-3276

ADVISORY - nist

Summary

unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. This affects all normalization forms.

EPSS Score: 0.00049 (0.158)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-407

Inefficient Algorithmic Complexity

ADVISORY - redhat

CWE-606

Unchecked Input for Loop Condition

Impacted images

Advisories

Docker

CREATED

UPDATED

ADVISORY ID

CVE-2026-3276

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY
PackageTypeOS NameOS VersionAffected RangesFix Versions
pythondhi--<3.15.0-beta23.15.0-beta2
alpine/python-3.10apkalpine3.23<3.15.0-beta23.15.0-beta2
alpine/python-3.11apkalpine3.23<3.15.0-beta23.15.0-beta2
alpine/python-3.12apkalpine3.23<3.15.0-beta23.15.0-beta2
alpine/python-3.13apkalpine3.23<3.15.0-beta23.15.0-beta2
alpine/python-3.14apkalpine3.23<3.15.0-beta23.15.0-beta2

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-3276
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-407

CVSS SCORE

6.3medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2026-3276
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2026-3276
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

UPDATED

ADVISORY ID

BIT-libpython-2026-3276

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.3medium

Bitnami

CREATED

UPDATED

ADVISORY ID

BIT-python-2026-3276

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.3medium

Bitnami

CREATED

UPDATED

ADVISORY ID

BIT-python-min-2026-3276

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.3medium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2026-3276
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-606

CVSS SCORE

5.3medium