CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8643

pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.2%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2026-8643

Pypa » Pip » Version: 0.1

cpe:2.3:a:pypa:pip:0.1
Pypa » Pip » Version: 0.1.1

cpe:2.3:a:pypa:pip:0.1.1
Pypa » Pip » Version: 0.1.2

cpe:2.3:a:pypa:pip:0.1.2
Pypa » Pip » Version: 0.1.3

cpe:2.3:a:pypa:pip:0.1.3
Pypa » Pip » Version: 0.1.4

cpe:2.3:a:pypa:pip:0.1.4
Pypa » Pip » Version: 0.2

cpe:2.3:a:pypa:pip:0.2
Pypa » Pip » Version: 0.2.1

cpe:2.3:a:pypa:pip:0.2.1
Pypa » Pip » Version: 0.3

cpe:2.3:a:pypa:pip:0.3
Pypa » Pip » Version: 0.3.1

cpe:2.3:a:pypa:pip:0.3.1
Pypa » Pip » Version: 0.4

cpe:2.3:a:pypa:pip:0.4
Pypa » Pip » Version: 0.5

cpe:2.3:a:pypa:pip:0.5
Pypa » Pip » Version: 0.5.1

cpe:2.3:a:pypa:pip:0.5.1
Pypa » Pip » Version: 0.6

cpe:2.3:a:pypa:pip:0.6
Pypa » Pip » Version: 0.6.1

cpe:2.3:a:pypa:pip:0.6.1
Pypa » Pip » Version: 0.6.2

cpe:2.3:a:pypa:pip:0.6.2
Pypa » Pip » Version: 0.6.3

cpe:2.3:a:pypa:pip:0.6.3
Pypa » Pip » Version: 0.7

cpe:2.3:a:pypa:pip:0.7
Pypa » Pip » Version: 0.7.1

cpe:2.3:a:pypa:pip:0.7.1
Pypa » Pip » Version: 0.7.2

cpe:2.3:a:pypa:pip:0.7.2
Pypa » Pip » Version: 0.8

cpe:2.3:a:pypa:pip:0.8
Pypa » Pip » Version: 0.8.1

cpe:2.3:a:pypa:pip:0.8.1
Pypa » Pip » Version: 0.8.2

cpe:2.3:a:pypa:pip:0.8.2
Pypa » Pip » Version: 0.8.3

cpe:2.3:a:pypa:pip:0.8.3
Pypa » Pip » Version: 1.0

cpe:2.3:a:pypa:pip:1.0
Pypa » Pip » Version: 1.0.1

cpe:2.3:a:pypa:pip:1.0.1
Pypa » Pip » Version: 1.0.2

cpe:2.3:a:pypa:pip:1.0.2
Pypa » Pip » Version: 1.1

cpe:2.3:a:pypa:pip:1.1
Pypa » Pip » Version: 1.2

cpe:2.3:a:pypa:pip:1.2
Pypa » Pip » Version: 1.2.1

cpe:2.3:a:pypa:pip:1.2.1
Pypa » Pip » Version: 1.3

cpe:2.3:a:pypa:pip:1.3
Pypa » Pip » Version: 1.3.1

cpe:2.3:a:pypa:pip:1.3.1
Pypa » Pip » Version: 1.4

cpe:2.3:a:pypa:pip:1.4
Pypa » Pip » Version: 1.4.1

cpe:2.3:a:pypa:pip:1.4.1
Pypa » Pip » Version: 1.5

cpe:2.3:a:pypa:pip:1.5
Pypa » Pip » Version: 1.5.1

cpe:2.3:a:pypa:pip:1.5.1
Pypa » Pip » Version: 1.5.2

cpe:2.3:a:pypa:pip:1.5.2
Pypa » Pip » Version: 1.5.3

cpe:2.3:a:pypa:pip:1.5.3
Pypa » Pip » Version: 1.5.4

cpe:2.3:a:pypa:pip:1.5.4
Pypa » Pip » Version: 1.5.5

cpe:2.3:a:pypa:pip:1.5.5
Pypa » Pip » Version: 1.5.6

cpe:2.3:a:pypa:pip:1.5.6
Pypa » Pip » Version: 10.0.0

cpe:2.3:a:pypa:pip:10.0.0
Pypa » Pip » Version: 10.0.1

cpe:2.3:a:pypa:pip:10.0.1
Pypa » Pip » Version: 18.0

cpe:2.3:a:pypa:pip:18.0
Pypa » Pip » Version: 18.1

cpe:2.3:a:pypa:pip:18.1
Pypa » Pip » Version: 19.0

cpe:2.3:a:pypa:pip:19.0
Pypa » Pip » Version: 19.0.1

cpe:2.3:a:pypa:pip:19.0.1
Pypa » Pip » Version: 19.0.2

cpe:2.3:a:pypa:pip:19.0.2
Pypa » Pip » Version: 19.0.3

cpe:2.3:a:pypa:pip:19.0.3
Pypa » Pip » Version: 19.1

cpe:2.3:a:pypa:pip:19.1
Pypa » Pip » Version: 19.1.1

cpe:2.3:a:pypa:pip:19.1.1
Pypa » Pip » Version: 19.2

cpe:2.3:a:pypa:pip:19.2
Pypa » Pip » Version: 19.2.1

cpe:2.3:a:pypa:pip:19.2.1
Pypa » Pip » Version: 19.2.2

cpe:2.3:a:pypa:pip:19.2.2
Pypa » Pip » Version: 19.2.3

cpe:2.3:a:pypa:pip:19.2.3
Pypa » Pip » Version: 19.3

cpe:2.3:a:pypa:pip:19.3
Pypa » Pip » Version: 19.3.1

cpe:2.3:a:pypa:pip:19.3.1
Pypa » Pip » Version: 20.0

cpe:2.3:a:pypa:pip:20.0
Pypa » Pip » Version: 20.0.1

cpe:2.3:a:pypa:pip:20.0.1
Pypa » Pip » Version: 20.0.2

cpe:2.3:a:pypa:pip:20.0.2
Pypa » Pip » Version: 20.1

cpe:2.3:a:pypa:pip:20.1
Pypa » Pip » Version: 20.1.1

cpe:2.3:a:pypa:pip:20.1.1
Pypa » Pip » Version: 20.2

cpe:2.3:a:pypa:pip:20.2
Pypa » Pip » Version: 20.2.1

cpe:2.3:a:pypa:pip:20.2.1
Pypa » Pip » Version: 20.2.2

cpe:2.3:a:pypa:pip:20.2.2
Pypa » Pip » Version: 20.2.3

cpe:2.3:a:pypa:pip:20.2.3
Pypa » Pip » Version: 20.2.4

cpe:2.3:a:pypa:pip:20.2.4
Pypa » Pip » Version: 20.3

cpe:2.3:a:pypa:pip:20.3
Pypa » Pip » Version: 20.3.1

cpe:2.3:a:pypa:pip:20.3.1
Pypa » Pip » Version: 20.3.2

cpe:2.3:a:pypa:pip:20.3.2
Pypa » Pip » Version: 20.3.3

cpe:2.3:a:pypa:pip:20.3.3
Pypa » Pip » Version: 20.3.4

cpe:2.3:a:pypa:pip:20.3.4
Pypa » Pip » Version: 21.0

cpe:2.3:a:pypa:pip:21.0
Pypa » Pip » Version: 21.0.1

cpe:2.3:a:pypa:pip:21.0.1
Pypa » Pip » Version: 21.1

cpe:2.3:a:pypa:pip:21.1
Pypa » Pip » Version: 22.1.1

cpe:2.3:a:pypa:pip:22.1.1
Pypa » Pip » Version: 22.1.2

cpe:2.3:a:pypa:pip:22.1.2
Pypa » Pip » Version: 22.2

cpe:2.3:a:pypa:pip:22.2
Pypa » Pip » Version: 22.2.1

cpe:2.3:a:pypa:pip:22.2.1
Pypa » Pip » Version: 22.2.2

cpe:2.3:a:pypa:pip:22.2.2
Pypa » Pip » Version: 22.3

cpe:2.3:a:pypa:pip:22.3
Pypa » Pip » Version: 22.3.1

cpe:2.3:a:pypa:pip:22.3.1
Pypa » Pip » Version: 23.0

cpe:2.3:a:pypa:pip:23.0
Pypa » Pip » Version: 23.0.1

cpe:2.3:a:pypa:pip:23.0.1
Pypa » Pip » Version: 23.1

cpe:2.3:a:pypa:pip:23.1
Pypa » Pip » Version: 23.1.1

cpe:2.3:a:pypa:pip:23.1.1
Pypa » Pip » Version: 23.1.2

cpe:2.3:a:pypa:pip:23.1.2
Pypa » Pip » Version: 23.2

cpe:2.3:a:pypa:pip:23.2
Pypa » Pip » Version: 23.2.1

cpe:2.3:a:pypa:pip:23.2.1
Pypa » Pip » Version: 23.3

cpe:2.3:a:pypa:pip:23.3
Pypa » Pip » Version: 23.3.1

cpe:2.3:a:pypa:pip:23.3.1
Pypa » Pip » Version: 23.3.2

cpe:2.3:a:pypa:pip:23.3.2
Pypa » Pip » Version: 24.0

cpe:2.3:a:pypa:pip:24.0
Pypa » Pip » Version: 24.1

cpe:2.3:a:pypa:pip:24.1
Pypa » Pip » Version: 24.1.1

cpe:2.3:a:pypa:pip:24.1.1
Pypa » Pip » Version: 24.1.2

cpe:2.3:a:pypa:pip:24.1.2
Pypa » Pip » Version: 24.2

cpe:2.3:a:pypa:pip:24.2
Pypa » Pip » Version: 24.3

cpe:2.3:a:pypa:pip:24.3
Pypa » Pip » Version: 24.3.1

cpe:2.3:a:pypa:pip:24.3.1
Pypa » Pip » Version: 25.0

cpe:2.3:a:pypa:pip:25.0
Pypa » Pip » Version: 25.0.1

cpe:2.3:a:pypa:pip:25.0.1
Pypa » Pip » Version: 25.1

cpe:2.3:a:pypa:pip:25.1
Pypa » Pip » Version: 25.1.1

cpe:2.3:a:pypa:pip:25.1.1
Pypa » Pip » Version: 25.2

cpe:2.3:a:pypa:pip:25.2
Pypa » Pip » Version: 25.3

cpe:2.3:a:pypa:pip:25.3
Pypa » Pip » Version: 26.0

cpe:2.3:a:pypa:pip:26.0
Pypa » Pip » Version: 26.0.1

cpe:2.3:a:pypa:pip:26.0.1
Pypa » Pip » Version: 26.1

cpe:2.3:a:pypa:pip:26.1
Pypa » Pip » Version: 26.1.1

cpe:2.3:a:pypa:pip:26.1.1
Pypa » Pip » Version: 6.0

cpe:2.3:a:pypa:pip:6.0
Pypa » Pip » Version: 6.0.1

cpe:2.3:a:pypa:pip:6.0.1
Pypa » Pip » Version: 6.0.2

cpe:2.3:a:pypa:pip:6.0.2
Pypa » Pip » Version: 6.0.3

cpe:2.3:a:pypa:pip:6.0.3
Pypa » Pip » Version: 6.0.4

cpe:2.3:a:pypa:pip:6.0.4
Pypa » Pip » Version: 6.0.5

cpe:2.3:a:pypa:pip:6.0.5
Pypa » Pip » Version: 6.0.6

cpe:2.3:a:pypa:pip:6.0.6
Pypa » Pip » Version: 6.0.7

cpe:2.3:a:pypa:pip:6.0.7
Pypa » Pip » Version: 6.0.8

cpe:2.3:a:pypa:pip:6.0.8
Pypa » Pip » Version: 6.1.0

cpe:2.3:a:pypa:pip:6.1.0
Pypa » Pip » Version: 6.1.1

cpe:2.3:a:pypa:pip:6.1.1
Pypa » Pip » Version: 7.0.0

cpe:2.3:a:pypa:pip:7.0.0
Pypa » Pip » Version: 7.0.1

cpe:2.3:a:pypa:pip:7.0.1
Pypa » Pip » Version: 7.0.2

cpe:2.3:a:pypa:pip:7.0.2
Pypa » Pip » Version: 7.0.3

cpe:2.3:a:pypa:pip:7.0.3
Pypa » Pip » Version: 7.1.0

cpe:2.3:a:pypa:pip:7.1.0
Pypa » Pip » Version: 7.1.1

cpe:2.3:a:pypa:pip:7.1.1
Pypa » Pip » Version: 7.1.2

cpe:2.3:a:pypa:pip:7.1.2
Pypa » Pip » Version: 8.0.0

cpe:2.3:a:pypa:pip:8.0.0
Pypa » Pip » Version: 8.0.1

cpe:2.3:a:pypa:pip:8.0.1
Pypa » Pip » Version: 8.0.2

cpe:2.3:a:pypa:pip:8.0.2
Pypa » Pip » Version: 8.0.3

cpe:2.3:a:pypa:pip:8.0.3
Pypa » Pip » Version: 8.1.0

cpe:2.3:a:pypa:pip:8.1.0
Pypa » Pip » Version: 8.1.1

cpe:2.3:a:pypa:pip:8.1.1
Pypa » Pip » Version: 8.1.2

cpe:2.3:a:pypa:pip:8.1.2
Pypa » Pip » Version: 9.0.0

cpe:2.3:a:pypa:pip:9.0.0
Pypa » Pip » Version: 9.0.1

cpe:2.3:a:pypa:pip:9.0.1
Pypa » Pip » Version: 9.0.2

cpe:2.3:a:pypa:pip:9.0.2
Pypa » Pip » Version: 9.0.3

cpe:2.3:a:pypa:pip:9.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8643

Products

Pricing

Contact Us