Security Advisory

CVE-2026-34444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-06 15:30:30

Last updated 2026-04-06 18:37:15

Assigner GitHub_M

State PUBLISHED

Description

Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an attacker to bypass the intended restrictions and eventually achieve arbitrary code execution.

← Browse all CVEs View on cve.org ↗