CVE-2026-7246
ADVISORY - nistSummary
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit() function, allowing attackers to pass arbitrary OS commands from an unprivileged account.
EPSS Score: 0.0081 (0.526)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Neutralization of Special Elements used in a Command ('Command Injection')
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-7246
EXPLOITABILITY SCORE
0.6
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
7.2highDebian
CREATED
UPDATED
ADVISORY IDCVE-2026-7246
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-7246
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumPypA
CREATED
UPDATED
ADVISORY ID
PYSEC-2026-2132
EXPLOITABILITY SCORE
0.6
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.2highAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2026-1854
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-