Release date:
2026-06-03 19:14:12 UTC
Description:
- CVE-2025-13462: tarfile applied AREGTYPE -> DIRTYPE normalization even
during multi-block GNU long members (LONGNAME / LONGLINK), enabling a
parsing differential. Thread a dircheck flag through frombuf /
fromtarfile so normalization is skipped on follow-up headers.
- CVE-2026-0865: wsgiref.headers.Headers did not reject control characters
in header names / values, allowing HTTP header injection from WSGI
applications. Combined backport: gh-143917 adds the control-char
regex check, gh-143916 HTAB follow-up splits the check so HTAB is
allowed in header values (RFC 9110 Section 5.5) but still rejected
in header names; LF / CR / DEL remain rejected in both. gh-144370
also disallows control characters in status in wsgiref.handlers.
- CVE-2026-1502: http.client did not reject CR/LF in HTTPConnection
CONNECT tunnel host / headers, enabling request injection. Validate the
tunnel host and per-header name / value in _tunnel().
- CVE-2026-6019: http.cookies.Morsel.js_output() emitted an inline
intact,
enabling HTML injection. Base64-encode the cookie value in the
emitted JavaScript (gh-90309).
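The header rules described for CVE-2026-0865 above, as an added Python example (not CloudLinux's or CPython's code): a standalone audit of a WSGI status string and header list. It assumes "control characters" means 0x00-0x1F plus DEL and that the status string is held to the same rule as header names; the function names and the sample response are constructed for illustration.

```python
import re

# Assumption: "control characters" = C0 controls (0x00-0x1F) plus DEL (0x7F).
NAME_FORBIDDEN = re.compile(r"[\x00-\x1f\x7f]")
# Header values: same set except HTAB (0x09), allowed per RFC 9110 Section 5.5.
VALUE_FORBIDDEN = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")


def find_forbidden(text, pattern):
    """Return (offset, codepoint) for every forbidden character in text."""
    return [(m.start(), ord(m.group())) for m in pattern.finditer(text)]


def audit_response(status, headers):
    """Check a WSGI status string and a [(name, value), ...] header list.

    Returns (kind, header_name, offset, codepoint) tuples; empty means clean.
    """
    findings = []
    # Assumption: status gets the stricter (header-name) rule, so no HTAB.
    for off, cp in find_forbidden(status, NAME_FORBIDDEN):
        findings.append(("status", "", off, cp))
    for name, value in headers:
        for off, cp in find_forbidden(name, NAME_FORBIDDEN):
            findings.append(("name", name, off, cp))
        for off, cp in find_forbidden(value, VALUE_FORBIDDEN):
            findings.append(("value", name, off, cp))
    return findings


# Constructed sample: what a WSGI app might pass to start_response().
SAMPLE_STATUS = "200 OK"
SAMPLE_HEADERS = [
    ("Content-Type", "text/plain"),
    ("X-Note", "col1\tcol2"),                    # HTAB in a value: allowed
    ("X-Tab\tName", "v"),                        # HTAB in a name: rejected
    ("X-Redirect", "/home\r\nSet-Cookie: a=b"),  # CR/LF in a value: rejected
    ("X-Del", "abc\x7f"),                        # DEL in a value: rejected
]

if __name__ == "__main__":
    for kind, name, off, cp in audit_response(SAMPLE_STATUS, SAMPLE_HEADERS):
        print("%s %r: forbidden 0x%02x at offset %d" % (kind, name, cp, off))
```

Wrapping `start_response` with a check like this in middleware gives the same rejection on interpreters that have not yet received the updated packages.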
Updated packages:
- alt-python36-3.6.15-28.el7.x86_64.rpm
sha:420e77a67d202d0dca88cafdda835a4db257ee32e19fc16a1197f3c8792c706f
- alt-python36-debug-3.6.15-28.el7.x86_64.rpm
sha:806b189b5e7acabe72db7a785843c2ca4ca511aa91d905a5ca89c038fd6f9ac3
- alt-python36-devel-3.6.15-28.el7.x86_64.rpm
sha:a6780d3e02d04d6fa17d72c1fb1aeff5d85ce367f533f4a8069cc5d93ee7e302
- alt-python36-libs-3.6.15-28.el7.x86_64.rpm
sha:9c2399123bf89b537069129fff465bf3de0d5b24f13624a60c227d69f4f0e411
- alt-python36-test-3.6.15-28.el7.x86_64.rpm
sha:5db048629e95f6cfac4361073e8cf3db1b1df5d046260c60e0d3e2e5ca1ecc6f
- alt-python36-tkinter-3.6.15-28.el7.x86_64.rpm
sha:5e3fc1105a61cf840dc0673d9832d5d7ffa487e93c3dc6bb9b9e964ebfc6c123
- alt-python36-tools-3.6.15-28.el7.x86_64.rpm
sha:64ea1a4e08a054be7a27b12b4531e69b8e127a91a9b3b45ecf41ff28c1372288
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.