CVE-2026-1299

Summary
Assigner: PSF
Assigner Org ID: 28c92f92-d60d-412d-b760-e73465c3df22
Published At: 23 Jan, 2026 | 16:27
Updated At: 13 Feb, 2026 | 16:20

email BytesGenerator header injection due to unquoted newlines

The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message, allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email folding rules; the new behavior will reject the incorrectly folded headers in "BytesGenerator".

Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner: PSF
Assigner Org ID: 28c92f92-d60d-412d-b760-e73465c3df22
Published At: 23 Jan, 2026 | 16:27
Updated At: 13 Feb, 2026 | 16:20
CVE Numbering Authority (CNA)
Affected Products
Vendor: Python Software Foundation
Product: CPython
Repo: https://github.com/python/cpython
Modules
  • email
Default Status: unaffected
Versions
Affected
  • From 0 before 3.13.12 (python)
  • From 3.14.0 before 3.14.3 (python)
  • From 3.15.0a1 before 3.15.0a6 (python)
Problem Types
Type: CWE
CWE ID: CWE-93
Description: CWE-93
Metrics
Version: 4.0
Base score: 6.0
Base severity: MEDIUM
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
References
  • https://github.com/python/cpython/pull/144126 (patch)
  • https://github.com/python/cpython/issues/144125 (issue-tracking)
  • https://cve.org/CVERecord?id=CVE-2024-6923 (related)
  • https://mail.python.org/archives/list/security-announce@python.org/thread/6ZZULGALJTITEAGEXLDJE2C6FORDXPBT/ (vendor-advisory)
  • https://github.com/python/cpython/commit/052e55e7d44718fe46cbba0ca995cb8fcc359413 (patch)
  • https://github.com/python/cpython/commit/0a925ab591c45d6638f37b5e57796f36fa0e56d8 (patch)
  • https://github.com/python/cpython/commit/7877fe424415bc4a13045e62a90a7277413d8cb9 (patch)
  • https://github.com/python/cpython/commit/842ce19a0c0b58d61591e8f6a708c38db1fb94e4 (patch)
  • https://github.com/python/cpython/commit/8cdf6204f4ae821f32993f8fc6bad0d318f95f36 (patch)
  • https://github.com/python/cpython/commit/e417f05ad77a4c30ddc07f99e90fc0cef43e831a (patch)
National Vulnerability Database (NVD)
nvd.nist.gov
Source: cna@python.org
Published At: 23 Jan, 2026 | 17:16
Updated At: 13 Feb, 2026 | 17:16

Metrics
Type: Secondary
Version: 4.0
Base score: 6.0
Base severity: MEDIUM
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weaknesses
CWE ID: CWE-93
Type: Secondary
Source: cna@python.org
Similar CVEs

2 records found

CVE-2026-0672
Matching Score: 10
Assigner: Python Software Foundation
CVSS Score: 6 (MEDIUM)
EPSS: 0.16% / 37.38%
7 Day CHG: ~0.00%
Published: 20 Jan, 2026 | 21:52
Updated: 11 Feb, 2026 | 16:13
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Header injection in http.cookies.Morsel

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

Action: Not Available
Vendor: Python Software Foundation
Product: CPython
CWE ID: CWE-93, Improper Neutralization of CRLF Sequences ('CRLF Injection')

CVE-2025-15282
Matching Score: 6
Assigner: Python Software Foundation
CVSS Score: 6 (MEDIUM)
EPSS: 0.05% / 14.03%
7 Day CHG: ~0.00%
Published: 20 Jan, 2026 | 21:35
Updated: 11 Feb, 2026 | 16:12
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Header injection via newlines in data URL mediatype

User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.

Action: Not Available
Vendor: Python Software Foundation
Product: CPython
CWE ID: CWE-93, Improper Neutralization of CRLF Sequences ('CRLF Injection')