{"id":"ECHO-1c52-724c-58ad","upstream":["CVE-2026-40192","GHSA-whj4-6x5x-4v2j"],"severity":[],"modified":"2026-05-07T15:38:45.583Z","affected":[{"package":{"ecosystem":"Echo:PyPi","name":"pillow","purl":"pkg:pypi/pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"12.1.1+echo.1"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-40192"},{"type":"WEB","url":"https://github.com/advisories/GHSA-whj4-6x5x-4v2j"}]}