Ecosystem	Package	Version

Vulnerabilities

CVE-2026-1213

CVE-2026-1213

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.

Published Jan 29, 2026

https://github.com/advisories/GHSA-r2jv-fwfr-4j8c

CVSS ScoreMedium

5.3

Ecosystem	Package	Version

CVE-2026-1213 | Components Impacted | Sonatype Guide | Sonatype Guide


pypi	askbot	0.10.0
pypi	askbot	0.10.1
pypi	askbot	0.10.2
pypi	askbot	0.10.3
pypi	askbot	0.11.0
pypi	askbot	0.11.1
pypi	askbot	0.11.2
pypi	askbot	0.11.3
pypi	askbot	0.11.4
pypi	askbot	0.11.5
pypi	askbot	0.11.7
pypi	askbot	0.11.8
pypi	askbot	0.12.0
pypi	askbot	0.12.1
pypi	askbot	0.12.2
pypi	askbot	0.6.0
pypi	askbot	0.6.10
pypi	askbot	0.6.11
pypi	askbot	0.6.12
pypi	askbot	0.6.13
pypi	askbot	0.6.14
pypi	askbot	0.6.15
pypi	askbot	0.6.16
pypi	askbot	0.6.17
pypi	askbot	0.6.18
pypi	askbot	0.6.19
pypi	askbot	0.6.1
pypi	askbot	0.6.20
pypi	askbot	0.6.21
pypi	askbot	0.6.22
pypi	askbot	0.6.23
pypi	askbot	0.6.24
pypi	askbot	0.6.25
pypi	askbot	0.6.26
pypi	askbot	0.6.27
pypi	askbot	0.6.28
pypi	askbot	0.6.29
pypi	askbot	0.6.2
pypi	askbot	0.6.30
pypi	askbot	0.6.31
pypi	askbot	0.6.32
pypi	askbot	0.6.33
pypi	askbot	0.6.34
pypi	askbot	0.6.35
pypi	askbot	0.6.36
pypi	askbot	0.6.37
pypi	askbot	0.6.38
pypi	askbot	0.6.39
pypi	askbot	0.6.3
pypi	askbot	0.6.40