Security Advisory

CVE-2026-3298

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-21 14:45:01

Last updated 2026-05-12 13:25:15

Assigner PSF

State PUBLISHED

Description

The method "sock_recvfrom_into()" of "asyncio.ProacterEventLoop" (Windows only) was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected.

← Browse all CVEs View on cve.org ↗