VYPR

Gleam

by Lpil

Source repositories

CVEs (1)

  • CVE-2026-32146HigApr 11, 2026
    risk 0.44cvss 7.8epss 0.00

    Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and manifest.toml are incorporated into filesystem paths without sufficient…