Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. d8s-yaml version 0.1.0 of Democritus Project is vulnerable to a code execution vulnerability stemming from the presence of a potential code execution package, democritus-, inserted by a third party, in d8s-yaml distributed on PyPI. file-system, which can be exploited by an attacker to remotely execute code.