CPython bz2 Reuse After Error Causing OOB Stack Write 3.15
CVE-2026-9669 Published on June 8, 2026

bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow
bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer. This could crash the process when processing untrusted data.

Vendor Advisory NVD

Weakness Type

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-9669 has been classified to as a Stack Overflow vulnerability or weakness.

Products Associated with CVE-2026-9669

Want to know whenever a new CVE is published for Cpython? stack.watch will email you.

Cpython

Affected Versions

Python Software Foundation CPython:

Before 3.16.0 is affected.

CPython bz2 Reuse After Error Causing OOB Stack Write 3.15CVE-2026-9669 Published on June 8, 2026

Weakness Type

What is a Stack Overflow Vulnerability?

Products Associated with CVE-2026-9669

Affected Versions

CPython bz2 Reuse After Error Causing OOB Stack Write 3.15
CVE-2026-9669 Published on June 8, 2026