An update for python-pygments is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1873 Final 1.0 1.0 2026-04-11 Initial 2026-04-11 2026-04-11 openEuler SA Tool V1.0 2026-04-11 python-pygments security update An update for python-pygments is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS \ Security Fix(es): A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.(CVE-2026-4539) An update for python-pygments is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Low python-pygments https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1873 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-4539 https://nvd.nist.gov/vuln/detail/CVE-2026-4539 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS python-pygments-2.17.2-2.oe2403sp1.src.rpm python-pygments-2.17.2-2.oe2403sp2.src.rpm python-pygments-2.17.2-2.oe2403sp3.src.rpm python-pygments-2.5.2-7.oe2003sp4.src.rpm python-pygments-2.10.0-5.oe2203sp4.src.rpm python-pygments-2.17.2-2.oe2403.src.rpm python-pygments-help-2.17.2-2.oe2403sp1.noarch.rpm python3-pygments-2.17.2-2.oe2403sp1.noarch.rpm python-pygments-help-2.17.2-2.oe2403sp2.noarch.rpm python3-pygments-2.17.2-2.oe2403sp2.noarch.rpm python-pygments-help-2.17.2-2.oe2403sp3.noarch.rpm python3-pygments-2.17.2-2.oe2403sp3.noarch.rpm python-pygments-help-2.5.2-7.oe2003sp4.noarch.rpm python2-pygments-2.5.2-7.oe2003sp4.noarch.rpm python3-pygments-2.5.2-7.oe2003sp4.noarch.rpm python-pygments-help-2.10.0-5.oe2203sp4.noarch.rpm python3-pygments-2.10.0-5.oe2203sp4.noarch.rpm python-pygments-help-2.17.2-2.oe2403.noarch.rpm python3-pygments-2.17.2-2.oe2403.noarch.rpm A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. 2026-04-11 CVE-2026-4539 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS Low 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L python-pygments security update 2026-04-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1873