CRITICAL 9.6 PyPI crates.io npm Go
GHSA-f396-4rp4-7v2j · CVE-2026-46703, RUSTSEC-2026-0148 Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host
Modified: 5/21/2026
package
PyPI / boxlite
pkg:pypi/boxlite
CRITICAL 10.0 PyPI npm Go crates.io
GHSA-g6ww-w5j2-r7x3 · CVE-2026-46695, RUSTSEC-2026-0147 BoxLite: Permission Bypass Allows Modification of Read-Only Files
Modified: 5/21/2026
MEDIUM 6.5 PyPI
GHSA-xjhv-pp2r-6f82 · CVE-2026-47213 BoxLite has a Timeout Bypass Vulnerability
Modified: 5/29/2026