
Red Hat CVE-2026-25645

EUVD-2026-15754 | Severity: MEDIUM
Insecure Temporary File (CWE-377)
Published 2026-03-25 | Project: https://github.com/psf/requests | Advisory: GHSA-gc5v-m9x4-r6x2
CVSS 3.1 base score: 4.4

CVSS Vector (source: NVD)

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: None

Lifecycle Timeline

Mar 25, 2026 - 17:01 (euvd): EUVD ID assigned, EUVD-2026-15754
Mar 25, 2026 - 17:01 (vuln.today): Analysis generated
Mar 25, 2026 - 17:01 (nvd): Patch released, patch available
Mar 25, 2026 - 16:56 (nvd): CVE published, severity MEDIUM 4.4

Blast Radius

Ecosystem impact (transitive dependency graph; vuln.today resolves to 4-path depth):
  • 173 pypi packages depend on requests (112 direct, 61 indirect)

Ecosystem-wide dependent count for version 2.33.0.

Description (source: NVD)

Impact

The requests.utils.extract_zipped_paths() utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one.

Affected usages

Standard usage of the Requests library is not affected by this vulnerability. Only applications that call extract_zipped_paths() directly are impacted.

Remediation

Upgrade to at least Requests 2.33.0, where the library now extracts files to a non-deterministic location.

If developers are unable to upgrade, they can set TMPDIR in their environment to a directory with restricted write access.
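The two patterns the advisory describes, written out as an added illustration rather than code from the requests project: a hypothetical helper with the predictable-name-and-reuse behaviour of CWE-377, its hardened counterpart (a fresh mkdtemp directory per call plus O_EXCL so an existing file is an error rather than silently reused), and a check for whether the effective temp directory satisfies the TMPDIR workaround above. Function names, the tmp_dir parameter and the simplified extraction logic are assumptions made for the example.

```python
import os
import stat
import tempfile
import zipfile


def tempdir_is_restricted(path=None):
    """Return True when the temp directory that will be used (TMPDIR, or the
    tempfile default) is owned by the current user and not writable by group
    or others. This is the property the advisory's TMPDIR workaround relies on."""
    path = path or tempfile.gettempdir()
    st = os.stat(path)
    if not stat.S_ISDIR(st.st_mode):
        return False
    if hasattr(os, "geteuid") and st.st_uid != os.geteuid():
        return False
    return not (st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))


def extract_member_predictably(zip_path, member, tmp_dir=None):
    """CWE-377 pattern from the advisory (hypothetical, simplified): a fixed
    name inside the shared temp directory, and any existing file at that
    path is reused without validation."""
    tmp_dir = tmp_dir or tempfile.gettempdir()
    dest = os.path.join(tmp_dir, os.path.basename(member))
    if os.path.exists(dest):  # reused without checking who wrote it
        return dest
    with zipfile.ZipFile(zip_path) as zf, open(dest, "wb") as out:
        out.write(zf.read(member))
    return dest


def extract_member_safely(zip_path, member, tmp_dir=None):
    """Hardened form: a fresh mkdtemp directory (mode 0o700, unpredictable
    name) per call, and O_EXCL so a pre-existing file raises instead of
    being reused."""
    tmp_dir = tmp_dir or tempfile.gettempdir()
    out_dir = tempfile.mkdtemp(prefix="extract-", dir=tmp_dir)
    dest = os.path.join(out_dir, os.path.basename(member))
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with zipfile.ZipFile(zip_path) as zf, os.fdopen(fd, "wb") as out:
        out.write(zf.read(member))
    return dest


if __name__ == "__main__":
    # Constructed demo: one zip member unpacked with the hardened helper.
    work = tempfile.mkdtemp()
    bundle = os.path.join(work, "bundle.zip")
    with zipfile.ZipFile(bundle, "w") as zf:
        zf.writestr("certs/ca.pem", b"-- constructed bundle --")
    print("temp dir restricted:", tempdir_is_restricted())
    print("safe copy at:", extract_member_safely(bundle, "certs/ca.pem", tmp_dir=work))
```

The hardened helper is the shape of the fix the advisory describes: the destination is no longer derivable from the member name alone, the parent directory is private to the process, and O_EXCL turns the "file already exists" case into a failure that can be logged instead of a silent substitution. tempdir_is_restricted() is the pre-flight check for systems that cannot upgrade and rely on TMPDIR instead.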

Analysis (AI-generated)

The Requests library before version 2.33.0 contains a predictable temporary file extraction vulnerability in the extract_zipped_paths() utility function that allows local attackers to perform file injection attacks. An attacker with write access to the system temporary directory can pre-create a malicious file at a predictable location that will be loaded instead of the legitimate extracted file, potentially leading to code execution or privilege escalation. …


Remediation (AI-generated)

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.


Vendor Status

CVE-2026-25645 vulnerability details – vuln.today
