Fedora 42 python3.9 Critical Arbitrary Code Exec 2026-60a694a385
fedora
April 30, 2026
Security fixes for CVE-2026-4786 and CVE-2026-6100
Summary
Python 3.9 package for developers.
This package exists to allow developers to test their code against an older
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.9, see other distributions
that support it, such as CentOS or RHEL or older Fedora releases.
Update Information:
Security fixes for CVE-2026-4786 and CVE-2026-6100
Change Log
* Fri Apr 17 2026 Charalampos Stratakis
References
[ 1 ] Bug #2458019 - CVE-2026-6100 python3.9: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458019
[ 2 ] Bug #2458227 - CVE-2026-4786 python3.9: Python: Arbitrary code execution via command injection in webbrowser.open() API [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2458227
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-60a694a385' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: python3.9
Product: Fedora 42
Version: 3.9.25
Release: 9.fc42
Summary: Version 3.9 of the Python interpreter
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!