Three critical vulnerabilities discovered in Python, ajv and Svelte
Security researchers have identified three distinct security flaws affecting widely-used development tools: access bypass via Python Black, regex-based overload in ajv, and script injection in Svelte.
These vulnerabilities allow attackers to circumvent restriction mechanisms, trigger denial-of-service attacks, or execute malicious code in web browsers.
Developers are urged to apply available patches and strengthen oversight of unaudited dependencies in their projects.