HIGH
zopefoundation
CVE published 2026-07-08
CVE-2026-55830
CVE-2026-55830 is a high-severity vulnerability in RestrictedPython, a tool for defining a subset of the Python language for trusted environments. The issue, fixed in version 8.3, allows certain protected guard hook names to be shadowed by local parameters, potentially bypassing access policies. This could allow attackers to bypass access controls by shadowing sensitive names like __getattr__, _getitem_, [truncated]