{"id":"ECHO-b848-7c96-ee64","upstream":["CVE-2026-25990","GHSA-cfh3-3jmp-rvhc"],"severity":[],"modified":"2026-07-01T13:02:40.071Z","affected":[{"package":{"ecosystem":"Echo:PyPi","name":"pillow","purl":"pkg:pypi/pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.1.0-5+deb13u1"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-25990"},{"type":"WEB","url":"https://github.com/advisories/GHSA-cfh3-3jmp-rvhc"}]}