Primary

Context

Python asyncio Boundary Check Vulnerability in Windows

Vulnerability

A vulnerability exists in the 'sock_recvfrom_into()' method of 'asyncio.AbstractEventLoop' on Windows. The issue arises because the method lacks a proper boundary check for the data buffer when the 'nbytes' parameter is used. This oversight can lead to an out-of-bounds buffer write if the data exceeds the buffer size. Non-Windows platforms are not affected.

Impact

Exploitation of this vulnerability can lead to an out-of-bounds write, potentially allowing for memory corruption or other unintended behavior.

Remediation

Users can upgrade to the latest version of Python, where this vulnerability has been addressed, to mitigate this issue.

Added: Apr 21, 2026, 3:28 PM

Updated: Apr 21, 2026, 3:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.7

remediation

0.0

relevance

6.4

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.7

remediation

0.0

relevance

6.4

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Python asyncio Boundary Check Vulnerability in Windows

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating