Package impact
PyPI / pymdown-extensions
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46338 | medium | — | 5.5 | 15d ago | Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path | |||
| CVE-2025-68142 | unknown | — | — | 6mo ago | PyMdown Extensions is a set of extensions for the `Python-Markdown` markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension (`pymdownx.blocks.caption`).… | |||
| CVE-2023-32309 | unknown | — | — | 3y ago | Any file can be included with the pymdown-snippets extension |