Package impact
PyPI / pymdown-extensions
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46338 | medium | — | 5.5 | 10d ago | Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path | |||
| CVE-2025-68142 | unknown | — | — | 5mo ago | PyMdown Extensions has a ReDOS bug in its Figure Capture extension | |||
| CVE-2023-32309 | unknown | — | — | 3y ago | Any file can be included with the pymdown-snippets extension |