From 2d9e243847c1ad605da99241b275149498df4a9f Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Sat, 6 Jun 2026 06:12:03 +0530 Subject: [PATCH] Ignore inappplicable CVE --- .github/workflows/ci.py | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.py b/.github/workflows/ci.py index a936c908d..268be73b2 100644 --- a/.github/workflows/ci.py +++ b/.github/workflows/ci.py @@ -233,6 +233,7 @@ IGNORED_DEPENDENCY_CVES = [ 'CVE-2026-4519', 'CVE-2026-1502', 'CVE-2026-7210', # DoS in unused XML parser + 'CVE-2026-3276', # DoS in unicodedata.normalize() # github.com/nwaples/rardecode/v2 'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable 'CVE-2026-2673', # openssl fix not released