Package impact
PyPI / python-dotenv
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28684 | unknown | — | — | 1mo ago | python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback |
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28684 | unknown | — | — | 1mo ago | python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback |