CRITICAL 9.8
PYSEC-2026-286
asyncmy is vulnerable to SQL injection via crafted dict keys
Details
SQL injection vulnerability in long2ice asyncmy thru 0.2.10 allows attackers to execute arbitrary SQL commands via crafted dict keys.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / asyncmy
Introduced in:
0 No fixed version published yet for asyncmy (pip). Pin to a known-safe version or switch to an alternative.