CVE-2026-23842: Python Sqlalchemy Unmanaged Session Leak
A database session or connection is created and closed manually but is not wrapped in a `try...finally` block. If an exception occurs before `.close()` is called, the connection will leak. Over time, leaked connections can exhaust the connection pool and cause a Denial of Service (DoS). Ensure that you wrap the usage in a `try...finally` block and call `.clo
greprules fetch cve-2026-23842-python-sqlalchemy-unmanaged-session-leak --engine opengrepDescription
A database session or connection is created and closed manually but is not wrapped in a `try...finally` block. If an exception occurs before `.close()` is called, the connection will leak. Over time, leaked connections can exhaust the connection pool and cause a Denial of Service (DoS). Ensure that you wrap the usage in a `try...finally` block and call `.clo
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.