VYPR

PyPI package

tinytag

pkg:pypi/tinytag

Vulnerabilities (1)

  • CVE-2026-32889MedMar 20, 2026
    affected < 2.2.1fixed 2.2.1

    tinytag is a Python library for reading audio file metadata. Version 2.2.0 allows an attacker who can supply MP3 files for parsing to trigger a non-terminating loop while the library parses an ID3v2 SYLT (synchronized lyrics) frame. In server-side deployments that automatically p