Critical Security Flaw in python-diskcache Affects Fedora Users

Critical Security Flaw in python-diskcache Affects Fedora Users

First seen 24 Mar 2026, 05:15 UTC Linuxsecurity 95% similarity 57.9

Article Content

Browse articles
ThreatCluster

A significant security vulnerability, CVE-2025-69872, has been identified in the python-diskcache library, which is utilized in Fedora systems. This flaw allows for arbitrary code execution via insecure pickle deserialization, posing a serious risk to users. The vulnerability was published on 2026-02-11, and a patch has been incorporated by developer Sam Doran as of March 15, 2026. Users are advised to update their systems to mitigate the risk of exploitation. The affected versions include python-diskcache prior to 5.6.4-12. Both Fedora 43 and Fedora 44 are impacted by this vulnerability. The update can be applied using the dnf package manager. Failure to update may leave systems vulnerable to potential attacks exploiting this flaw.

Key Points: • CVE-2025-69872 allows arbitrary code execution through insecure pickle deserialization. • Affected systems include Fedora 43 and Fedora 44 using python-diskcache. • Users must update to version 5.6.4-12 or later to mitigate the vulnerability.

ThreatCluster AI

Timeline

2026-02-11
CVE-2025-69872 published
2026-03-15
Patch incorporated by Sam Doran
2026-03-24
Articles published detailing the vulnerability and patch

Community

Browse all →