CVE-2026-5271 Possible to hijack modules in current working directory

pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...

PT-2026-29526

Name of the Vulnerable Software and Affected Versions pymanager affected versions not specified Description pymanager included the current working directory in its sys.path, allowing modules in the current working directory to shadow intended packages. If a user runs a pymanager-generated command...