PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-8643 Python Packaging Authority CVE debrief

pip, the Python package installer, treats console_scripts and gui_scripts entry point names as filesystem paths rather than as plain file names. When it resolves such a name to an absolute path under the scripts directory, it does not check that the result stays inside the installation directory boundary. This path traversal flaw lets a package's entry point executables be written outside the intended installation directory during installation. Exploitation requires local access, low privileges and user interaction (the user must install the malicious package), but the integrity impact is high: files land in attacker-chosen locations outside the virtual environment or system package directory, limited only by the permissions of the user running pip. The CVSS 4.0 vector records a local attack vector with active user participation. The issue was disclosed on 2026-06-01 with references to a GitHub pull request carrying the fix, a Python security-announce mailing list post, and an oss-security mailing list discussion. As of the modified timestamp, the NVD status is 'Awaiting Analysis'.

Vendor
Python Packaging Authority
Product
pip
CVSS
MEDIUM 4.1 (CVSS 4.0)
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-01
Original CVE updated
2026-06-01
Advisory published
2026-06-01
Advisory updated
2026-06-01

Who should care

Python developers and system administrators using pip to install packages; organizations with Python-based application deployments; security teams monitoring supply chain risks in Python package ecosystems

Technical summary

pip does not validate that the absolute path it resolves for a console_scripts or gui_scripts entry point remains within the target scripts directory. A package whose metadata declares an entry point with a path-like name (one containing directory separators or parent-directory components, or an absolute path) therefore causes pip to write the generated executable to a location of the attacker's choosing instead of into the scripts directory. The root cause is insufficient sanitization when an entry point name is turned into a filesystem path. Because a user must actively install the malicious package, exploitation is limited to social-engineering or supply-chain scenarios, and the write is constrained to whatever the installing user can write; running pip as root or inside a privileged build step widens what can be overwritten accordingly. CVSS 4.0 rates the integrity impact high because of the unauthorized filesystem modification, with confidentiality and availability impacts none.

Defensive priority

medium

Recommended defensive actions

  • Upgrade pip to a release containing the fix from the referenced upstream pull request once it ships, in every environment that carries its own copy of pip (system Python, virtual environments, container base images, CI runners)
  • Restrict package installation to trusted, vetted indexes and verify where pip is actually resolving packages from; the flaw is triggered by package metadata, so any untrusted package can carry it regardless of its source
  • Audit existing Python environments: look for executables or other unexpected files outside the intended scripts directory, and for installed distributions whose console_scripts or gui_scripts names are not plain file names
  • Run pip install as an unprivileged user into a virtual environment rather than as root, because the out-of-bounds write happens with the installing user's permissions
  • Monitor the Python security-announce list and other pip advisories from the Python Security Response Team
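The checks below are an added example written for this debrief; they are not pip's code and not the change in the referenced pull request. They contrast the unsafe join-and-use pattern the technical summary describes with a resolver that rejects path-like entry point names and confirms the resolved absolute path stays inside the scripts directory, and they apply that resolver as an audit over entry_points.txt metadata (a constructed sample) and over the distributions installed in the running interpreter, which covers the audit item in the list above. The scripts directory, package names and entry point names are constructed for illustration.

```python
"""Added example (not pip's code and not the fix in the referenced pull
request): the boundary check a script-file resolver for console_scripts /
gui_scripts entry points needs, next to the unsafe join-and-use pattern the
CVE describes, plus an audit of entry point names in dist-info metadata.
Paths and package names below are constructed."""
import configparser
import importlib.metadata
import os
import sysconfig
from pathlib import Path
from typing import List, Optional, Tuple

SCRIPT_GROUPS = ("console_scripts", "gui_scripts")


def unsafe_script_path(scripts_dir: str, name: str) -> str:
    """Unsafe pattern: the entry point name is used as a path fragment.

    '..' components walk out of scripts_dir, and os.path.join discards
    scripts_dir entirely when name is absolute.  Nothing checks the result.
    """
    return os.path.normpath(os.path.join(scripts_dir, name))


def safe_script_path(scripts_dir: str, name: str) -> str:
    """Hardened resolver: name must be a bare file name and the resolved
    absolute target must lie inside scripts_dir.  Raises ValueError otherwise.

    Both checks are kept: the first rejects path-like names cheaply, the
    second is the boundary check that holds even if the first is bypassed.
    """
    if not name or name in (".", "..") or name != os.path.basename(name):
        raise ValueError(f"entry point name is not a plain file name: {name!r}")
    base = Path(scripts_dir).resolve()          # non-strict: dir need not exist
    target = (base / name).resolve()
    if target == base or base not in target.parents:
        raise ValueError(f"entry point {name!r} resolves outside {base}")
    return str(target)


def resolves_inside(scripts_dir: str, name: str) -> bool:
    """True if the hardened resolver accepts name for scripts_dir."""
    try:
        safe_script_path(scripts_dir, name)
        return True
    except ValueError:
        return False


def audit_entry_points_txt(text: str, scripts_dir: str) -> List[Tuple[str, str]]:
    """Return (group, name) pairs from an entry_points.txt body whose names
    the hardened resolver would reject for scripts_dir."""
    parser = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    parser.optionxform = str                    # entry point names are case-sensitive
    parser.read_string(text)
    return [
        (group, name)
        for group in SCRIPT_GROUPS if parser.has_section(group)
        for name in parser[group]
        if not resolves_inside(scripts_dir, name)
    ]


def audit_installed(scripts_dir: Optional[str] = None) -> List[Tuple[str, str, str]]:
    """Check every distribution visible to this interpreter; returns
    (distribution, group, name) for script entry points with path-like names."""
    scripts_dir = scripts_dir or sysconfig.get_path("scripts")
    findings = []
    for dist in importlib.metadata.distributions():
        for ep in dist.entry_points:
            if ep.group in SCRIPT_GROUPS and not resolves_inside(scripts_dir, ep.name):
                findings.append((dist.metadata["Name"], ep.group, ep.name))
    return findings


# Constructed entry_points.txt: one ordinary name plus two path-like ones.
SAMPLE_ENTRY_POINTS = """\
[console_scripts]
goodtool = goodtool.cli:main
../../../.profile = goodtool.cli:main

[gui_scripts]
/tmp/evil = goodtool.gui:main
"""

if __name__ == "__main__":
    scripts_dir = "/srv/app/venv/bin"           # constructed; need not exist
    for name in ("goodtool", "../../../.profile", "/tmp/evil"):
        print(f"{name!r:22} unsafe -> {unsafe_script_path(scripts_dir, name)}"
              f"  hardened accepts: {resolves_inside(scripts_dir, name)}")
    print("metadata audit:", audit_entry_points_txt(SAMPLE_ENTRY_POINTS, scripts_dir))
    print("installed audit:", audit_installed())
```

Run it as a script to see the three sample names resolved both ways, or import it and call audit_installed() inside an environment to list installed distributions whose console or gui script names are not plain file names. The audit reads metadata only: it reports names that an unpatched pip would have resolved outside the scripts directory, it does not recover files an earlier install may already have written, so pair it with a filesystem check of the locations such names point to.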

Evidence notes

CVE description states that pip treats console_scripts and gui_scripts names as paths instead of file names without sanitizing the resolved absolute paths. CVSS 4.0 vector AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:N confirms a local attack vector, required user interaction and high integrity impact. NVD metadata shows vulnStatus 'Awaiting Analysis'. Source references include GitHub PR #14000, a Python security-announce thread, and an oss-security list post. Vendor attribution to Python rests on reference-domain candidate evidence, is low confidence, and carries a needs-review flag.

Official resources

2026-06-01