VYPR

PyPI package

gramps-webapi

pkg:pypi/gramps-webapi

Vulnerabilities (1)

  • CVE-2026-40258CriApr 17, 2026
    affected >= 1.6.0, < 3.11.1fixed 3.11.1

    The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability (Zip Slip) in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP fil