VDB

CVE-2026-24486

CVE-2026-24486 PUBLISHED CVSS 8.600000381469727 HIGH

Python-Multipart has Arbitrary File Write via Non-Default Configuration

EPSS 1.02% · 77.6th percentile

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
EPSS Score
1.02%
77.6th percentile

Affected Products

VendorProductVersions
PyPIpython-multipart0, 0, 0
Kludexpython-multipart< 0.0.22, < 0.0.22
fastapiexpertpython-multipart0, 0, 0

Timeline

  • Jan 26, 2026 CVE Published
  • Jan 27, 2026 EPSS Score
  • Jan 27, 2026 PoC Published
  • Jan 27, 2026 PoC Published
  • Jan 29, 2026 CVE Updated
  • Jan 29, 2026 Security Advisory
  • Jan 30, 2026 EPSS Score
  • Feb 1, 2026 EPSS Score
  • Feb 4, 2026 EPSS Score
  • Feb 6, 2026 EPSS Score
  • Feb 9, 2026 EPSS Score
  • Feb 11, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›