CVE-2008-3949: Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.

See Debian bug #499568.
Python's import from current working directory considered harmful?..