CVE-2025-50817 Information

Aug 15, 2025 cve

Description

A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded it automatically imports test.py if present in the same directory or in the sys.path. This behavior can be exploited by an attacker who has the ability to write files to the server allowing the execution of arbitrary code.

Reference

https://github.com/PythonCharmers/python-future https://medium.com/@abcd_68700/cve-2025-50817-python-future-module-arbitrary-code-execution-via-unintended-import-of-test-py-f0818ea93cf4 https://pypi.org/project/future/

CNNVD-202508-1711 (Published: 2025-08-14)

Share on:

CVE-2025-50817 Information

Description

Reference

Related CNNVD