Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-e6tg-k94s-kyeu
Vulnerability ID VCID-e6tg-k94s-kyeu
Aliases CVE-2025-4516
Summary
Status Published
Exploitability 0.5
Weighted Severity 5.3
Risk 2.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3 5.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2025-4516
cvssv3.1 5.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv4 5.9 https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
ssvc Track https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
cvssv4 5.9 https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
ssvc Track https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
cvssv4 5.9 https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
ssvc Track https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
cvssv4 5.9 https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
ssvc Track https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
cvssv4 5.9 https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
ssvc Track https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
cvssv4 5.9 https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
ssvc Track https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
cvssv4 5.9 https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
ssvc Track https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
cvssv4 5.9 https://github.com/python/cpython/issues/133767
ssvc Track https://github.com/python/cpython/issues/133767
cvssv4 5.9 https://github.com/python/cpython/pull/129648
ssvc Track https://github.com/python/cpython/pull/129648
cvssv4 5.9 https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
ssvc Track https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json
https://api.first.org/data/v1/epss?cve=CVE-2025-4516
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4516
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
129648 https://github.com/python/cpython/pull/129648
133767 https://github.com/python/cpython/issues/133767
2366509 https://bugzilla.redhat.com/show_bug.cgi?id=2366509
4398b788ffc1f954a2c552da285477d42a571292 https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
6279eb8c076d89d3739a6edb393e43c7929b429d https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
69b4387f78f413e8c47572a85b3478c47eba8142 https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
73b3040f592436385007918887b7e2132aa8431f https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
8d35fd1b34935221aff23a1ab69a429dd156be77 https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
ab9893c40609935e0d40a6d2a7307ea51aec598b https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
GLSA-202506-07 https://security.gentoo.org/glsa/202506-07
L75IPBBTSCYEF56I2M4KIW353BB3AY74 https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
RHSA-2025:23530 https://access.redhat.com/errata/RHSA-2025:23530
USN-7570-1 https://usn.ubuntu.com/7570-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/issues/133767
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/issues/133767
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://github.com/python/cpython/pull/129648
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://github.com/python/cpython/pull/129648
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Found at https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/ Found at https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
Exploit Prediction Scoring System (EPSS)
Percentile 0.43443
EPSS Score 0.00209
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-10T18:13:20.837202+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 38.6.0