Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Python Improper Input Validation Vulnerability - CVE-2026-3644 - Vulnerability Database
Python

Python Improper Input Validation Vulnerability - CVE-2026-3644

High
Reference: CVE-2026-3644
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-3644
Title: Python Improper Input Validation Vulnerability
Overview:

The fix for CVE-2026-0672 which rejected control characters in http.cookies.Morsel was incomplete. The Morsel.update() operator and unpickling paths were not patched allowing control characters to bypass input validation. Additionally BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().