diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,22 +1,21 @@
   <vuln vid="613d0f9e-d477-11f0-9e85-03ddfea11990">
     <topic>python -- several vulnerabilities</topic>
     <affects>
-      <!-- someone please research the 3.10/3.11/3.12 vulnerable/fixed ranges and update this entry -->
       <package>
 	<name>python39</name>
-	<range><ge>0</ge></range>
+	<range><le>3.9.25</le></range>
       </package>
       <package>
 	<name>python310</name>
-	<range><ge>0</ge></range>
+	<range><le>3.10.19</le></range>
       </package>
       <package>
 	<name>python311</name>
-	<range><ge>0</ge></range>
+	<range><le>3.11.14</le></range>
       </package>
       <package>
 	<name>python312</name>
-	<range><ge>0</ge></range>
+	<range><le>3.12.12</le></range>
       </package>
       <package>
 	<name>python313</name>
@@ -34,7 +33,6 @@
 	  <p>Python 3.14.2 and 3.13.11 are now available [... and] come with some bonus security fixes.</p>
 	  <ul><li>gh-142145: Remove quadratic behavior in node ID cache clearing (CVE-2025-12084)</li>
 	    <li>gh-119451: Fix a potential denial of service in http.client [only in 3.13; CVE-2025-13836]</li>
-	    <li>gh-119452: Fix a potential virtual memory allocation denial of service in http.server [affects platforms without fork()]</li>
 	  </ul>
 	</blockquote>
 	</body>