Package impact
PyPI / mako
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-44307 | high | — | 8.0 | 22d ago | Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup | |
| CVE-2026-41205 | high | 7.5 | 7.5 | 1mo ago | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is… |