PatchSiren

zopefoundation CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH zopefoundation CVE published 2026-07-08

CVE-2026-55830

CVE-2026-55830 is a high-severity vulnerability in RestrictedPython, a tool for defining a subset of the Python language for trusted environments. The issue, fixed in version 8.3, allows certain protected guard hook names to be shadowed by local parameters, potentially bypassing access policies. This could allow attackers to bypass access controls by shadowing sensitive names like __getattr__, _getitem_, [truncated]