{"vulnerability": "cve-2026-45758", "sightings": [{"uuid": "17ac7cc4-7aa9-4dc3-9f96-62c7179ebb16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45758", "type": "seen", "source": "https://bsky.app/profile/skuebeck.graz.social.ap.brid.gy/post/3mmnl6set7sc2", "content": "Next supply chain compromise on PyPI! \ud83d\udd25 \ud83d\udd25 \ud83d\udd25\n\nhttps://advisories.gitlab.com/pypi/guardrails-ai/CVE-2026-45758/\n\nUse PipCanary or similar to protect your secrets!\n\nhttps://pypi.org/project/pipcanary/\n\n#cybersecurity #python #pypi", "creation_timestamp": "2026-05-25T03:51:09.034967Z"}, {"uuid": "827c9aa7-a85d-42c1-9c85-c9915b0020d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45758", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnkypx7yrf2l", "content": "CVE-2026-45758 - Malicious code in guardrails-ai 0.10.1 (supply chain compromise)\nCVE ID : CVE-2026-45758\n \n Published : June 5, 2026, 8:17 p.m. | 15\u00a0minutes ago\n \n Description : Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approxima...", "creation_timestamp": "2026-06-05T20:40:29.581622Z"}, {"uuid": "96d2e0f6-13f8-4cb6-b2cd-d250c16f78e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45758", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnkztgtj2x2b", "content": "\ud83d\udd34 CVE-2026-45758 - Critical (9.6)\n\nGuardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approxim...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45758/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T21:00:21.145921Z"}, {"uuid": "d197b9e0-35fb-4917-bd9c-2dc8b82ec5e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45758", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnlxza77nx2p", "content": "CRITICAL: Malicious guardrails-ai v0.10.1 on PyPI risked credential leaks. Upgrade to 0.10.2 or downgrade now. Rotate credentials & audit GitHub if affected. More: https://radar.offseq.com/threat/cve-2026-45758-cwe-506-embedded-malicious-code-in--296c81fb #OffSeq #infosec #Python", "creation_timestamp": "2026-06-06T06:00:27.414542Z"}, {"uuid": "e7fde595-e053-4aa3-8840-aca0eff6e167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45758", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116701634540314139", "content": "\ud83d\udea9 CRITICAL threat: guardrails-ai 0.10.1 (PyPI) was malicious for ~2 hrs, risking credential theft. No exfil evidence, but rotate keys & audit if installed. Upgrade to 0.10.2 or downgrade to 0.10.0. CVE-2026-45758 https://radar.offseq.com/threat/cve-2026-45758-cwe-506-embedded-malicious-code-in--296c81fb #OffSeq #infosec #supplychain", "creation_timestamp": "2026-06-06T06:00:39.480141Z"}, {"uuid": "4fee7005-4957-48d8-8bd0-f78edd882142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45758", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mns676o4oy2x", "content": "\ud83d\udccc CVE-2026-45758 - Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malici... https://www.cyberhub.blog/cves/CVE-2026-45758", "creation_timestamp": "2026-06-08T17:07:07.759765Z"}]}