Important severity8.0NVD Advisory· Published May 27, 2026
python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite
CVE-2026-8643
Description
python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite
Affected products
1- Package: https://pypi.org/project/pip
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
News mentions
0No linked articles in our index yet.