LOW
awesto
CVE published 2026-07-19
CVE-2026-16212
A race condition vulnerability was identified in awesto django-shop up to 1.2.4. The issue is located in an unknown function of the file shop/models/inventory.py within the Purchase Stock Handler component. The vulnerability can be exploited remotely with high complexity, and its exploitability is considered difficult. The project was informed of the problem early through an issue report but has not responded yet.