CVE-2026-55830

zopefoundation · RestrictedPython

RestrictedPython contains a flaw in its input filtering mechanism, allowing for the potential execution of unauthorized code via incomplete blocklists.

Executive summary

A high-severity vulnerability in RestrictedPython allows an authenticated attacker with high privileges to bypass security restrictions and potentially execute arbitrary code.

Vulnerability

This vulnerability (CWE-184) arises from an incomplete list of disallowed inputs, which can be leveraged by an authenticated user with high privileges to escape the restricted environment. The attack requires user interaction and facilitates a cross-site or cross-component security bypass.

Business impact

The ability to bypass the restricted Python environment can lead to unauthorized code execution, resulting in full system compromise or data exfiltration. With a CVSS score of 8.3, the risk to internal security integrity is critical, especially in environments where multi-tenant isolation is enforced.

Remediation

Immediate Action: Update the RestrictedPython package to version 8.3 or later to ensure the input filter correctly blocks unauthorized commands.

Proactive Monitoring: Audit logs for unusual administrative activities or attempts to access restricted system modules that should not be reachable via the Python subset.

Compensating Controls: Enforce the principle of least privilege for all users with access to the system and implement strict sandboxing or containerization to isolate the RestrictedPython runtime.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability represents a significant risk to the integrity of environments relying on RestrictedPython for secure code execution. Organizations should prioritize updating to version 8.3 to ensure the robust enforcement of security boundaries and prevent unauthorized access.