CVE-2026-3276
Gravedad CVSS v4.0:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
03/06/2026
Última modificación:
16/06/2026
Descripción
*** Pendiente de traducción *** unicodedata.normalize() can take excessive CPU time when processing<br />
specially crafted Unicode input containing long runs of combining characters<br />
with alternating Canonical Combining Class values.<br />
This affects all normalization forms.
Impacto
Puntuación base 4.0
6.30
Gravedad 4.0
MEDIA
Referencias a soluciones, herramientas e información
- https://github.com/python/cpython/commit/6b505d1f41f8f3ea0fe5a4786d3a8fff1875cfc0
- https://github.com/python/cpython/commit/90748760d38ca3ac5fc6788a69becab905c95598
- https://github.com/python/cpython/commit/991224b1e8311c85f198f6dd8208bf8cff7fc26f
- https://github.com/python/cpython/commit/ba785b88add96acbf403d65cb157fb2743a33a32
- https://github.com/python/cpython/commit/c5512bd7c1dc28055660565275012766941d3066
- https://github.com/python/cpython/issues/149079
- https://github.com/python/cpython/pull/149080
- https://mail.python.org/archives/list/security-announce@python.org/thread/PP5HB4K7727OBBM76KA2ILID76K3OZGZ/
- http://www.openwall.com/lists/oss-security/2026/06/03/15



