CVE-2026-55830
zopefoundation · RestrictedPython
RestrictedPython contains a flaw in its input filtering mechanism, allowing for the potential execution of unauthorized code via incomplete blocklists.
Executive summary
A high-severity vulnerability in RestrictedPython allows an authenticated attacker with high privileges to bypass security restrictions and potentially execute arbitrary code.
Vulnerability
This vulnerability (CWE-184) arises from an incomplete list of disallowed inputs, which can be leveraged by an authenticated user with high privileges to escape the restricted environment. The attack requires user interaction and facilitates a cross-site or cross-component security bypass.
Business impact
The ability to bypass the restricted Python environment can lead to unauthorized code execution, resulting in full system compromise or data exfiltration. With a CVSS score of 8.3, the risk to internal security integrity is critical, especially in environments where multi-tenant isolation is enforced.
Remediation
Immediate Action: Update the RestrictedPython package to version 8.3 or later to ensure the input filter correctly blocks unauthorized commands.
Proactive Monitoring: Audit logs for unusual administrative activities or attempts to access restricted system modules that should not be reachable via the Python subset.
Compensating Controls: Enforce the principle of least privilege for all users with access to the system and implement strict sandboxing or containerization to isolate the RestrictedPython runtime.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability represents a significant risk to the integrity of environments relying on RestrictedPython for secure code execution. Organizations should prioritize updating to version 8.3 to ensure the robust enforcement of security boundaries and prevent unauthorized access.