Alerts This Week
Warning Icon 1 929
Alerts This Week
Warning Icon 1 929

Fedora 42 Python 3.15 Vulnerability 2026 Risk of Arbitrary Code Execution

fedora
Calendar Grey May 23, 2026
Dist Fedora Esm H88
Install Python 3.15 prerelease address critical security issues from several CVEs on Fedora 42 promptly.
A new prerelease of Python 3.15 with fixes to several CVEs.

Summary

Python 3.15 is an accessible, high-level, dynamically typed, interpreted

programming language, designed with an emphasis on code readability.

It includes an extensive standard library, and has a vast ecosystem of

third-party libraries.

The python3.15 package provides the "python3.15" executable: the reference

interpreter for the Python language, version 3.

The majority of its standard library is provided in the python3.15-libs package,

which should be installed automatically along with python3.15.

The remaining parts of the Python standard library are broken out into the

python3.15-tkinter and python3.15-test packages, which may need to be installed

separately.

Documentation for Python is provided in the python3.15-docs package.

Packages containing additional libraries for Python are generally named with

the "python3.15-" prefix.

Update Information:

A new prerelease of Python 3.15 with fixes to several CVEs.

Topics%20covered

Topics Covered

security advisory fedora arbitrary code execution information disclosure high risk python3

Change Log

* Mon May 11 2026 Karolina Surma - 3.15.0~b1-1 - Update to Python 3.15.0b1

References


[ 1 ] Bug #2457945 - CVE-2026-1502 python3.15: Python: HTTP header injection via CR/LF in proxy tunnel headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2457945 [ 2 ] Bug #2458017 - CVE-2026-6100 python3.15: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458017 [ 3 ] Bug #2458225 - CVE-2026-4786 python3.15: Python: Arbitrary code execution via command injection in webbrowser.open() API [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458225 [ 4 ] Bug #2458489 - CVE-2026-5713 python3.15: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458489 [ 5 ] Bug #2461289 - CVE-2026-3219 python3.15: pip: Incorrect file installation due to improper archive handling [fedora-all] https://bu...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e7dc1a8950' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python3.15
Product: Fedora 42
Version: 3.15.0~b1
Release: 1.fc42
URL: https://www.python.org/
Summary: Version 3.15 of the Python interpreter

Topics%20covered

Topics Covered

security advisory fedora arbitrary code execution information disclosure high risk python3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here