CVE-2026-34444P2CRITICALCVSS 10.0≤ 2.62026-04-06
CVE-2026-34444 [CRITICAL] CWE-284 CVE-2026-34444: Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is
Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an attacker to bypass the intended restrictions and eventually achieve arbitrary code execution.
ghsanvdosv