guarddog 2.7.0 | Vulnerabilities | Sonatype Guide
Published: Oct 3, 2025
pypi Registry
Developer Trust Score: N/A
Versions: 59
Vulnerabilities: 2
Dependencies: 15
CVE-2026-22871
CVSS Score: 9.8
GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, a path traversal vulnerability exists in GuardDog's safe_extract() function that allows malicious PyPI packages to write arbitrary files outside the intended extraction directory, leading to Arbitrary File Overwrite and Remote Code Execution on systems running GuardDog. This vulnerability is fixed in 2.7.1.
affected
Severity: Critical
Published: Jan 14, 2026