CVE-2026-22702MEDIUMCVSS 4.5fixed in 20.36.12026-01-10
CVE-2026-22702 [MEDIUM] CWE-59 CVE-2026-22702: virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TO
virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and cr
cvelistv5nvd