pkg:PyPI/magic-wormhole
2 total CVEsLOW1
✅ Check your installed version
All known vulnerabilities
LOW3.5CVE-2026-42448Magic Wormhole: receive, with --output pointing at an existing directory can be path-traversed >= 0.23.0, < 0.24.0
—CVE-2026-32116Magic Wormhole: "wormhole receive" allows arbitrary local file overwrite >= 0.21.0, < 0.23.0