pymanager adds the current working directory to the Python import path, allowing a local file with the same name as a legitimate module to shadow the intended package. When a user runs a pymanager‑generated command such as pip or pytest from an attacker‑controlled directory, the malicious module can be imported and executed under the user’s privileges. This represents an arbitrary code execution risk and is classified under CWE‑427 (Uncontrolled Search Path Elements).

The vulnerability affects the Python Software Foundation’s pymanager, specifically version 26.0 and earlier releases. Any installation of these versions that may be invoked from an untrusted working directory is at risk. Administrators should verify the version of pymanager in use and consider the impact if the tool is executed in directories that may be controlled by untrusted parties.

The CVSS score of 5.6 indicates moderate damage potential, while an EPSS score of less than 1% suggests the vulnerability is currently unlikely to be exploited widely. The vulnerability is not listed in the CISA KEV catalog and no public exploit has been documented. Exploitation requires the attacker to have write access to the working directory and to trigger a pymanager command while executing from that location. The attack can execute arbitrary code with the privileges of the user launching the command. The risk is thus primarily confined to environments where pymanager is run from directories that can be influenced by external or third‑party input.