GHSA-xmpw-2vmm-p4p6: Malicious code in guardrails-ai 0.10.1 (supply chain compromise)
Summary
An attacker published malicious code in guardrails-ai version 0.10.1 on PyPI (a package repository where developers download Python libraries), but PyPI removed it within 2 hours and found no evidence that user data was stolen through this compromise. This is an example of a supply chain attack, where someone tries to harm users by corrupting a widely-used software package.
Solution / Mitigation
Downgrade to guardrails-ai==0.10.0, which is unaffected. Alternatively, install from GitHub using `pip install git+https://github.com/guardrails-ai/guardrails.git@v0.10.0`. If you installed 0.10.1, rotate all credentials accessible from that machine (GitHub PATs, cloud provider keys, package registry tokens, API keys) and audit your GitHub account for unauthorized workflows or repositories. Snowglobe and Guardrails Hub users should rotate API keys before 2:00 PM Pacific on May 13, 2026, when all existing keys will be invalidated.
Vulnerability Details
EPSS: 0.0%
May 19, 2026
Classification
Affected Vendors
Affected Packages
Related Issues
Original source: https://github.com/advisories/GHSA-xmpw-2vmm-p4p6
First tracked: May 19, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%