Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai (0.10.1) to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security researchers identified the malicious package within approximately 2 hours of publication, and PyPI quarantined the repository. Based on our telemetry, Guardrails AI maintainers have observed no requests to Guardrails AI infrastructure originating from the malicious 0.10.1 version, and a review of system and access logs has produced no evidence of user data exfiltration through their systems. Users should upgrade to version 0.10.2 or downgrade to version 0.10.0, both of which are unaffected. Those who installed version 0.10.1 should rotate any credentials accessible from their machine (GitHub PATs, cloud provider keys, package registry tokens, API keys) and audit their GitHub account for unauthorized workflows or repositories.
CVE-2026-45758
Score 9.6 from GitHub Security Advisory (severity: CRITICAL) published 2026-05-19. the CNA's CVSS baseline 9.6; sources differ by 0.0.
- High severity, but no confirmed exploitation yet
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.
- CVSS v3
- 9.6
- EG Score
- 9.6(medium)
- EPSS
- 19.4%
- KEV
- Not listed
Published
May 19, 2026
Last Modified
June 8, 2026
Advisory Details (3)
Auto-updated Jun 5, 2026Malicious code in guardrails-ai 0.10.1 (supply chain compromise) · Advisory · guardrails-ai/guardrails · GitHub
https://github.com/guardrails-ai/guardrails/security/advisories/GHSA-xmpw-2vmm-p4p6[SECURITY] Supply Chain Compromise in guardrails-ai v0.10.1 on PyPI · Issue #1473 · guardrails-ai/guardrails · GitHub
https://github.com/guardrails-ai/guardrails/issues/1473guardrails/SECURITY_ADVISORY.md at main · guardrails-ai/guardrails · GitHub
https://github.com/guardrails-ai/guardrails/blob/main/SECURITY_ADVISORY.mdVendor Advisories for CVE-2026-45758(1)
These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.
Patch Availability(1)
| Vendor / Ecosystem | Fixed in / Patch | Released | Source |
|---|---|---|---|
| pip | guardrails-ai | — | ghsa |
Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.
Affected Packages
(1 across 1 ecosystem)
PyPI(1)
| Package | Vulnerable range | Fixed in | Dependents |
|---|---|---|---|
| guardrails-ai | 0.1.0 ... 0.9.3 (104 versions) | — | — |
Weakness Classification(1)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Data Freshness Timeline
(refreshed 6× in last 7d / 128× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Showing the most recent 100 of 248 total refreshes for this CVE.
- 2026-07-09 19:10 UTCEPSS rescore
- 2026-07-07 13:46 UTCEPSS rescore
- 2026-07-06 16:27 UTCEPSS rescore
- 2026-07-06 02:23 UTCEPSS rescore
- 2026-07-05 02:30 UTCEPSS rescore
- 2026-07-04 06:31 UTCEPSS rescore
- 2026-07-01 15:07 UTCEPSS rescore
- 2026-06-30 23:22 UTCEPSS rescore
- 2026-06-29 20:54 UTCEG score recompute
- 2026-06-29 20:54 UTCGHSA enrichment
- 2026-06-29 14:06 UTCEPSS rescore
- 2026-06-29 14:06 UTCEPSS rescore
- 2026-06-28 14:07 UTCEPSS rescore
- 2026-06-28 14:01 UTCEG score recompute
- 2026-06-28 14:01 UTCGHSA enrichment
- 2026-06-28 09:22 UTCEG score recompute
- 2026-06-28 09:21 UTCGHSA enrichment
- 2026-06-28 05:07 UTCEG score recompute
- 2026-06-28 05:07 UTCGHSA enrichment
- 2026-06-28 04:56 UTCEPSS rescore
- 2026-06-28 04:56 UTCEPSS rescore
- 2026-06-28 00:51 UTCEG score recompute
- 2026-06-28 00:51 UTCGHSA enrichment
- 2026-06-27 20:25 UTCEG score recompute
- 2026-06-27 20:25 UTCGHSA enrichment
Show 75 moreShow fewer
- 2026-06-27 12:36 UTCEG score recompute
- 2026-06-27 12:36 UTCGHSA enrichment
- 2026-06-27 07:36 UTCEG score recompute
- 2026-06-27 07:36 UTCGHSA enrichment
- 2026-06-27 03:08 UTCEPSS rescore
- 2026-06-26 19:48 UTCEG score recompute
- 2026-06-26 19:48 UTCGHSA enrichment
- 2026-06-26 03:51 UTCEG score recompute
- 2026-06-26 03:51 UTCGHSA enrichment
- 2026-06-25 21:20 UTCEG score recompute
- 2026-06-25 21:20 UTCGHSA enrichment
- 2026-06-25 17:06 UTCEG score recompute
- 2026-06-25 17:06 UTCGHSA enrichment
- 2026-06-25 13:49 UTCEPSS rescore
- 2026-06-24 14:05 UTCEPSS rescore
- 2026-06-23 21:33 UTCEPSS rescore
- 2026-06-23 21:33 UTCEPSS rescore
- 2026-06-22 14:25 UTCEPSS rescore
- 2026-06-22 14:25 UTCEPSS rescore
- 2026-06-21 14:56 UTCEPSS rescore
- 2026-06-21 14:56 UTCEPSS rescore
- 2026-06-21 01:59 UTCEPSS rescore
- 2026-06-21 01:59 UTCEPSS rescore
- 2026-06-19 19:26 UTCEPSS rescore
- 2026-06-19 19:26 UTCEPSS rescore
- 2026-06-18 17:52 UTCEPSS rescore
- 2026-06-18 17:52 UTCEPSS rescore
- 2026-06-18 02:06 UTCEG score recompute
- 2026-06-18 02:06 UTCGHSA enrichment
- 2026-06-17 20:07 UTCEG score recompute
- 2026-06-17 20:07 UTCGHSA enrichment
- 2026-06-17 17:53 UTCEPSS rescore
- 2026-06-17 11:45 UTCEG score recompute
- 2026-06-17 11:45 UTCGHSA enrichment
- 2026-06-17 05:35 UTCEG score recompute
- 2026-06-17 05:35 UTCGHSA enrichment
- 2026-06-17 01:17 UTCEG score recompute
- 2026-06-17 01:17 UTCGHSA enrichment
- 2026-06-16 21:03 UTCEG score recompute
- 2026-06-16 21:03 UTCGHSA enrichment
- 2026-06-16 17:52 UTCEPSS rescore
- 2026-06-16 11:50 UTCEG score recompute
- 2026-06-16 11:50 UTCGHSA enrichment
- 2026-06-16 07:36 UTCEG score recompute
- 2026-06-16 07:35 UTCGHSA enrichment
- 2026-06-16 03:22 UTCEG score recompute
- 2026-06-16 03:22 UTCGHSA enrichment
- 2026-06-15 23:02 UTCEG score recompute
- 2026-06-15 23:02 UTCGHSA enrichment
- 2026-06-15 17:49 UTCEPSS rescore
- 2026-06-15 16:24 UTCEG score recompute
- 2026-06-15 16:24 UTCGHSA enrichment
- 2026-06-15 04:18 UTCEG score recompute
- 2026-06-15 04:18 UTCGHSA enrichment
- 2026-06-15 00:05 UTCEG score recompute
- 2026-06-15 00:05 UTCGHSA enrichment
- 2026-06-14 19:50 UTCEG score recompute
- 2026-06-14 19:50 UTCGHSA enrichment
- 2026-06-14 15:36 UTCEG score recompute
- 2026-06-14 15:36 UTCGHSA enrichment
- 2026-06-14 11:23 UTCEG score recompute
- 2026-06-14 11:22 UTCGHSA enrichment
- 2026-06-14 07:09 UTCEG score recompute
- 2026-06-14 07:09 UTCGHSA enrichment
- 2026-06-14 02:55 UTCEG score recompute
- 2026-06-14 02:55 UTCGHSA enrichment
- 2026-06-13 23:00 UTCEPSS rescore
- 2026-06-13 22:41 UTCEG score recompute
- 2026-06-13 22:41 UTCGHSA enrichment
- 2026-06-13 14:34 UTCEG score recompute
- 2026-06-13 14:34 UTCGHSA enrichment
- 2026-06-13 06:55 UTCEG score recompute
- 2026-06-13 06:55 UTCGHSA enrichment
- 2026-06-13 02:41 UTCEG score recompute
- 2026-06-13 02:41 UTCGHSA enrichment
Frequently asked(5)
What is CVE-2026-45758?
When was CVE-2026-45758 disclosed?
Is CVE-2026-45758 actively exploited?
What is the CVSS score of CVE-2026-45758?
How do I remediate CVE-2026-45758?
Dependency Blast Radius
See which npm, PyPI, Go, and Maven packages are affected by CVE-2026-45758
Is Your Infrastructure Affected by CVE-2026-45758?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.