PYSEC-2026-1632

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/mkdocs-include-markdown-plugin/PYSEC-2026-1632.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1632
Aliases
Published
2026-07-07T16:03:06.009053Z
Modified
2026-07-07T17:47:43.441951207Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
Summary
mkdocs-include-markdown-plugin susceptible to unvalidated input colliding with substitution placeholders
Details

Impact

CWE-20: Improper Input Validation Low impact

Patches

Patched in v7.1.8 (commit https://github.com/mondeja/mkdocs-include-markdown-plugin/commit/7466d67aa0de8ffbc427204ad2475fed07678915)

Workarounds

No

References

Affected packages

PyPI / mkdocs-include-markdown-plugin

Package

Name
mkdocs-include-markdown-plugin
View open source insights on deps.dev
Purl
pkg:pypi/mkdocs-include-markdown-plugin

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.1.8

Affected versions

0.*
0.0.1
0.0.2
0.1.0
1.*
1.0.0
2.*
2.0.0
2.1.0
2.1.1
2.1.2
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0
2.6.1
2.7.0
2.7.1
2.7.2
2.8.0
3.*
3.0.0
3.0.1
3.1.0
3.1.1
3.1.3
3.1.4
3.2.0
3.2.1
3.2.2
3.2.3
3.3.0
3.4.0
3.4.1
3.5.0
3.5.1
3.5.2
3.6.0
3.6.1
3.7.0
3.7.1
3.8.0
3.8.1
3.9.0
3.9.1
4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
5.*
5.0.0
5.1.0
6.*
6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.1.0
6.1.1
6.2.0
6.2.1
6.2.2
7.*
7.0.0
7.0.1
7.1.1
7.1.2
7.1.3
7.1.4
7.1.5
7.1.6
7.1.7

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/mkdocs-include-markdown-plugin/PYSEC-2026-1632.yaml"