Vulnerabilities

CVE-2026-4519

by Fred · 20/03/2026

The webbrowser.open() API would accept leading dashes in the URL which
could be handled as command line options for certain web browsers. New
behavior rejects leading dashes. Users are recommended to sanitize URLs
prior to passing to webbrowser.open().

More information : https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866

Similar

Tags: Cybersecurity Alert