There is a MEDIUM severity vulnerability affecting CPython.

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

Please see the linked CVE ID for the latest information on affected versions:

• https://www.cve.org/CVERecord?id=CVE-2025-6069
• https://github.com/python/cpython/pull/135464