Question 1

What is CVE-2026-0864 — CVE-2026-0864?

Accepted Answer

When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value.

Question 2

What is the authoritative source for CVE-2026-0864?

Accepted Answer

CVE-2026-0864 (CVE-2026-0864) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2026-0864CVE-2026-0864

Description

Scoring