Critical python.org Vulnerability Allowed Attackers to Forge Admin-Level API Requests

A critical authentication bypass vulnerability in the python.org release management API could have allowed attackers to impersonate administrators, potentially redirecting millions of users to malicious download URLs.

The flaw, responsibly disclosed on February 23, 2026, by Splitline Ng of the DEVCORE Research Team, was patched within 48 hours of the initial report.

The vulnerability resided in python.org’s release management API, where an attacker could supply an admin username paired with an arbitrary API key and have the request processed with full administrative privileges, a textbook authentication bypass. The flaw had silently existed in the codebase since 2014, spanning over a decade of Python releases.

If exploited, a threat actor could have modified Python release and file metadata, altering the download URLs presented on python.org/downloads, including links to verification materials such as Sigstore signatures and PGP keys.

While attackers could not directly modify release binaries in-place, tampering with verification URLs could have facilitated large-scale supply chain attacks targeting Python users and downstream distributors worldwide.

Critical python.org Vulnerability

The Python Security Response Team (PSRT) confirmed the vulnerability on a local instance and immediately coordinated a fix. Security Developer-in-Residence Seth Larson, alongside Hugo van Kemenade and Jacob Coffee, developed and deployed the patch (python/pythondotorg#2946) to production within 24 hours. By February 24th, DEVCORE confirmed that the proof of concept no longer functioned.

Post-incident forensics showed no evidence of exploitation. PSRT audited logs and database backups and verified all artifact signatures, both Sigstore and PGP, from Python 2.5 through 3.13, finding no anomalies. Python 3.14 and later releases, which no longer provide PGP materials per PEP 761, were verified exclusively via Sigstore.

Beyond patching the authentication logic, several additional security hardening steps were implemented:

URL validation: The database and API now reject any URLs not beginning with the approved prefix, blocking attacker-controlled redirects even if authentication is bypassed

HTTPS enforcement: Trail of Bits’ audit added a custom field validator requiring HTTPS URLs for newer releases (#3014)

Negative auth test cases: New test coverage added for all authentication failure branches

Extended log retention: Logging retention increased from 3 days to 30 days to support future audit work
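The following is an added illustration, not code from pythondotorg or from the article: an API-key check with the bug shape the article describes (a username is mapped to an account without the supplied key ever being verified) placed beside a hardened version, together with the URL prefix and HTTPS validators the hardening list calls for and the negative authentication cases that should fail. The user store, the key values, the `ALLOWED_PREFIX` string and the function names are all constructed assumptions for the example.

```python
"""Added illustration (not pythondotorg's own code): authentication bypass
bug shape vs. hardened check, plus defence-in-depth URL validation.
All names, keys and the allow-list prefix below are constructed assumptions."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse


@dataclass(frozen=True)
class User:
    username: str
    key_hash: str   # sha256 hex digest of the user's API key
    is_admin: bool


def hash_key(api_key: str) -> str:
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


# Constructed user store; a real deployment would load this from the database.
USERS = {
    "release-admin": User("release-admin", hash_key("example-admin-key-do-not-use"), True),
    "contributor": User("contributor", hash_key("example-contributor-key"), False),
}


def authenticate_vulnerable(username: str, api_key: Optional[str]) -> Optional[User]:
    """Assumed bug shape: the request is mapped to an account by username alone,
    so any api_key value (or none at all) is accepted for that account."""
    user = USERS.get(username)
    if user is None:
        return None
    return user          # api_key is never compared against user.key_hash


def authenticate_fixed(username: str, api_key: Optional[str]) -> Optional[User]:
    """Hardened check: a key is required, hashed, and compared in constant time;
    an unknown user and a wrong key fail the same way."""
    user = USERS.get(username)
    if user is None or not api_key:
        return None
    if not hmac.compare_digest(hash_key(api_key), user.key_hash):
        return None
    return user


def require_admin(user: Optional[User]) -> bool:
    return user is not None and user.is_admin


# Assumed allow-list prefix for release/file URLs; the article does not quote the real one.
ALLOWED_PREFIX = "https://www.python.org/"


def validate_release_url(url: str) -> bool:
    """Accept only absolute HTTPS URLs under ALLOWED_PREFIX. This is the
    defence-in-depth layer that still holds if authentication is bypassed."""
    if not url.startswith(ALLOWED_PREFIX):
        return False
    parsed = urlparse(url)
    return parsed.scheme == "https" and parsed.netloc == urlparse(ALLOWED_PREFIX).netloc


def update_download_url(username: str, api_key: Optional[str], new_url: str,
                        authenticate=authenticate_fixed) -> str:
    """Simulated admin-only endpoint; returns an outcome label instead of mutating state."""
    user = authenticate(username, api_key)
    if not require_admin(user):
        return "rejected: not authenticated as admin"
    if not validate_release_url(new_url):
        return "rejected: URL outside allowed prefix or not HTTPS"
    return "accepted"


def negative_auth_cases(authenticate) -> dict:
    """The failure branches negative tests should cover; every value must be None."""
    return {
        "unknown user": authenticate("nobody", "anything"),
        "wrong key": authenticate("release-admin", "wrong-key"),
        "empty key": authenticate("release-admin", ""),
        "missing key": authenticate("release-admin", None),
    }


if __name__ == "__main__":
    for name, result in negative_auth_cases(authenticate_vulnerable).items():
        print(f"vulnerable / {name}: {'BYPASSED' if result else 'denied'}")
    for name, result in negative_auth_cases(authenticate_fixed).items():
        print(f"fixed / {name}: {'BYPASSED' if result else 'denied'}")
    print(update_download_url("release-admin", "wrong-key", "https://not-python.example/x"))
```

Running the module prints which negative cases each variant denies; the point of the layered design is that even with the vulnerable authenticator swapped in, `update_download_url` still refuses a URL outside the allow-list, which is the property the article's URL-validation and HTTPS-enforcement steps are meant to provide.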

A third-party audit by Trail of Bits, funded by OpenAI, was completed on June 1st and confirmed the absence of any additional authentication or authorization issues. LLM-assisted auditing tools applied in April also returned clean results.


Source: cybersecuritynews.com
