From 9b20890bfba62d5ba42ad2e5786f27737fd1105c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Apr 2026 21:02:35 +0000 Subject: [PATCH] Bump python-multipart from 0.0.22 to 0.0.26 Bumps [python-multipart](https://github.com/Kludex/python-multipart) from 0.0.22 to 0.0.26. - [Release notes](https://github.com/Kludex/python-multipart/releases) - [Changelog](https://github.com/Kludex/python-multipart/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kludex/python-multipart/compare/0.0.22...0.0.26) --- updated-dependencies: - dependency-name: python-multipart dependency-version: 0.0.26 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 2fdbabb..060c3fe 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,7 @@ fastapi==0.115.0 uvicorn[standard]==0.30.6 anthropic>=0.40.0 -python-multipart==0.0.22 # >=0.0.22 fixes CVE-2026-24486 (path traversal arbitrary file write) +python-multipart==0.0.26 # >=0.0.22 fixes CVE-2026-24486 (path traversal arbitrary file write) aiofiles==24.1.0 jinja2==3.1.6 # >=3.1.5 fixes sandbox breakout CVEs slowapi==0.1.9