Package impact
PyPI / mako
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44307 | high | — | 8.0 | 23d ago | Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup | |||
| CVE-2026-41205 | high | 7.5 | 7.5 | 1mo ago | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is… |