Microsoft Python
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Python.
Recent Microsoft Python Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-21531 | CVE-2026-21531 Azure SDK for Python Remote Code Execution Vulnerability | February 10, 2026 |
| CVE-2026-21226 | CVE-2026-21226 Azure Core shared client library for Python Remote Code Execution Vulnerability | January 13, 2026 |
| CVE-2023-6597 | CVE-2023-6597 An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1 3.11.7 3.10.13 3.9.18 and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions- | January 1, 2026 |
| CVE-2022-40898 | CVE-2022-40898 An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. | January 1, 2026 |
| CVE-2025-4565 | CVE-2025-4565 Unbounded recursion in Python Protobuf | January 1, 2026 |
| CVE-2022-1941 | CVE-2022-1941 Out of Memory issue in ProtocolBuffers for cpp and python | January 1, 2026 |
| CVE-2023-27043 | CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can b | December 7, 2025 |
| CVE-2025-49714 | CVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution Vulnerability | July 8, 2025 |
| CVE-2024-49050 | CVE-2024-49050 Visual Studio Code Python Extension Remote Code Execution Vulnerability | November 12, 2024 |
EOL Dates
Ensure that you are using a supported version of Microsoft Python. Here are some end of life, and end of support dates for Microsoft Python.
| Release | EOL | End of Support | Status |
|---|---|---|---|
| 3.14 | October 31, 2030 | October 1, 2027 |
Active
Microsoft Python 3.14 will become EOL in 4 years (in 2030). |
| 3.13 | October 31, 2029 | October 1, 2026 |
Active
Microsoft Python 3.13 will become EOL in 3 years (in 2029). |
| 3.12 | October 31, 2028 | April 2, 2025 |
Active
Microsoft Python 3.12 will become EOL in two years (in 2028). |
| 3.11 | October 31, 2027 | April 1, 2024 |
Active
Microsoft Python 3.11 will become EOL next year, in October 2027. |
| 3.9 | October 31, 2025 | May 17, 2022 |
EOL
Microsoft Python 3.9 became EOL in 2025 and supported ended in 2022 |
| 3.8 | October 7, 2024 | May 3, 2021 |
EOL
Microsoft Python 3.8 became EOL in 2024 and supported ended in 2021 |
| 3.7 | June 27, 2023 | June 27, 2020 |
EOL
Microsoft Python 3.7 became EOL in 2023 and supported ended in 2020 |
| 3.6 | December 23, 2021 | December 24, 2018 |
EOL
Microsoft Python 3.6 became EOL in 2021 and supported ended in 2018 |
| 3.5 | September 30, 2020 | - |
EOL
Microsoft Python 3.5 became EOL in 2020. |
| 3.4 | March 18, 2019 | - |
EOL
Microsoft Python 3.4 became EOL in 2019. |
| 3.3 | September 29, 2017 | - |
EOL
Microsoft Python 3.3 became EOL in 2017. |
| 3.2 | February 20, 2016 | - |
EOL
Microsoft Python 3.2 became EOL in 2016. |
| 2.7 | January 1, 2020 | - |
EOL
Microsoft Python 2.7 became EOL in 2020. |
| 3.1 | April 9, 2012 | - |
EOL
Microsoft Python 3.1 became EOL in 2012. |
| 3.1 | April 9, 2012 | - |
EOL
Microsoft Python 3.1 became EOL in 2012. |
| 3.0 | June 27, 2009 | - |
EOL
Microsoft Python 3.0 became EOL in 2009. |
| 2.6 | October 29, 2013 | - |
EOL
Microsoft Python 2.6 became EOL in 2013. |
By the Year
In 2026 there have been 0 vulnerabilities in Microsoft Python. Last year, in 2025 Python had 1 security vulnerability published. Right now, Python is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 7.80 |
| 2024 | 1 | 8.80 |
| 2023 | 1 | 7.80 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 2 | 0.00 |
It may take a day or so for new Python vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Python Security Vulnerabilities
Jul 2025: Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVE-2025-49714
7.8 - High
- July 08, 2025
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
Trust Boundary Violation
VSCode Python Extension Remote Code Execution Vulnerability
CVE-2024-49050
8.8 - High
- November 12, 2024
Visual Studio Code Python Extension Remote Code Execution Vulnerability
Trust Boundary Violation
VS Code Python Extension RCE Vulnerability (CVE-2020-17163)
CVE-2020-17163
7.8 - High
- December 29, 2023
Visual Studio Code Python Extension Remote Code Execution Vulnerability
May 2020:
CVE-2020-1192
- May 21, 2020
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171.
May 2020:
CVE-2020-1171
- May 21, 2020
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Python or by Microsoft? Click the Watch button to subscribe.
