PyPI package
guardrails-ai
pkg:pypi/guardrails-ai
Malware
1 malicious version on record
One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.
- MAL-2026-3607Malicious code in guardrails-ai (PyPI)May 12, 2026
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45858 | Hig | 7.8 | >= 0.2.9, < 0.5.10 | 0.5.10 | Sep 18, 2024 | An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval fu | |
| CVE-2024-6961 | Med | 5.9 | < 0.5.0 | 0.5.0 | Jul 21, 2024 | RAIL documents are an XML-based format invented by Guardrails AI to enforce formatting checks on LLM outputs. Guardrails users that consume RAIL documents from external sources are vulnerable to XXE, which may cause leakage of internal file data via the SYSTEM entity. |
- affected >= 0.2.9, < 0.5.10fixed 0.5.10
An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval fu
- affected < 0.5.0fixed 0.5.0
RAIL documents are an XML-based format invented by Guardrails AI to enforce formatting checks on LLM outputs. Guardrails users that consume RAIL documents from external sources are vulnerable to XXE, which may cause leakage of internal file data via the SYSTEM entity.