CVE-2026-1299

Name of the Vulnerable Software and Affected Versions Python email module (affected versions not specified)

Description The BytesGenerator class within the email module did not correctly quote newlines for email headers during email message serialization. This flaw allows for header injection when an email is serialized, specifically when using "LiteralHeader" writing headers that do not adhere to email folding rules. The updated behavior rejects incorrectly folded headers in BytesGenerator.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.