CVE-2026-54279

CVE-2026-54279CVE-2026-54279

aiohttp / aiohttp

Description

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() lose their host-only status. This vulnerability is fixed in 3.14.1.

Scoring

CVSS 7.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Last modified2026-06-26
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.