{"id":"ECHO-7eb6-969e-18b8","upstream":["CVE-2026-42309","GHSA-5xmw-vc9v-4wf2"],"severity":[],"modified":"2026-05-07T15:38:45.583Z","affected":[{"package":{"ecosystem":"Echo:PyPi","name":"pillow","purl":"pkg:pypi/pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"12.1.1+echo.1"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-42309"},{"type":"WEB","url":"https://github.com/advisories/GHSA-5xmw-vc9v-4wf2"}]}