Summary
OSV.dev updated 3 advisories on 2026-05-20 to broaden their affected ranges to `introduced=0` with no `fixed` event — meaning every version (including current latest) is now flagged. These show up in mlx-benchmarks the same way they show up in nix-ai (see JacobPEvans/nix-ai#812).
| Package | OSV ID | CVSS | Notes |
|---|---|---|---|
| joblib 1.5.3 (latest) | PYSEC-2024-277 | 7.5 H | Deserialization in `Memory.cache` results. Local AV. |
| nltk 3.9.4 (latest) | PYSEC-2026-97 | 7.5 H | Local file load issue. Local AV. |
| pyjwt 2.12.1 (latest) | PYSEC-2025-183 | 7.0 H | Weak encryption — upstream disputes: "the key length is chosen by the application that uses the library". |
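Added example (not code from this issue, nor from OSV.dev or OSV-Scanner): a small evaluator of OSV affected-range events, showing why a range whose only event is `introduced = "0"` with no `fixed` event matches every version in the table above. The advisory dicts are constructed samples in OSV schema shape with placeholder ids (not the real PYSEC records); the installed versions are the ones listed in the table.

```python
from __future__ import annotations

# Added example: evaluate OSV affected-range events against a package version.
# The advisory dicts below are constructed samples in OSV schema shape, not
# the real PYSEC records, and "EXAMPLE-000x" are placeholder ids.
from typing import Iterable


def parse_version(v: str) -> tuple[int, ...]:
    """Parse a dotted numeric version ("1.5.3") into a comparable tuple.
    OSV's sentinel "0" parses to (0,), which sorts below every real version."""
    return tuple(int(part) for part in v.split("."))


def affected_intervals(events: Iterable[dict]) -> list[tuple[str, str | None, bool]]:
    """Walk an OSV ``events`` list in order and return (lo, hi, inclusive) triples.
    ``fixed`` closes an interval exclusively, ``last_affected`` inclusively; an
    ``introduced`` with no closing event yields an open-ended interval (hi=None)."""
    intervals: list[tuple[str, str | None, bool]] = []
    current: str | None = None
    for ev in events:
        if "introduced" in ev:
            current = ev["introduced"]
        elif "fixed" in ev and current is not None:
            intervals.append((current, ev["fixed"], False))
            current = None
        elif "last_affected" in ev and current is not None:
            intervals.append((current, ev["last_affected"], True))
            current = None
    if current is not None:
        intervals.append((current, None, False))
    return intervals


def is_affected(version: str, events: list[dict]) -> bool:
    """True if ``version`` falls inside any affected interval derived from ``events``."""
    v = parse_version(version)
    for lo, hi, inclusive in affected_intervals(events):
        if v < parse_version(lo):
            continue
        if hi is None:
            return True  # open-ended: every version from lo onwards is flagged
        h = parse_version(hi)
        if v < h or (inclusive and v == h):
            return True
    return False


def triage(advisory: dict, installed: dict[str, str]) -> dict[str, bool]:
    """For each package the advisory names that we have installed, report whether
    the installed version lies inside one of its ECOSYSTEM ranges."""
    verdict: dict[str, bool] = {}
    for entry in advisory.get("affected", []):
        name = entry["package"]["name"]
        if name not in installed:
            continue
        verdict[name] = any(
            is_affected(installed[name], rng["events"])
            for rng in entry.get("ranges", [])
            if rng.get("type") == "ECOSYSTEM"
        )
    return verdict


# Constructed sample: the shape the issue describes, introduced="0" and nothing else.
OPEN_ENDED_ADVISORY = {
    "id": "EXAMPLE-0001",  # placeholder, not a real OSV identifier
    "affected": [{
        "package": {"ecosystem": "PyPI", "name": "joblib"},
        "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}]}],
    }],
}

# Constructed contrast: the same range closed by a hypothetical fixed event.
BOUNDED_ADVISORY = {
    "id": "EXAMPLE-0002",  # placeholder, not a real OSV identifier
    "affected": [{
        "package": {"ecosystem": "PyPI", "name": "joblib"},
        "ranges": [{"type": "ECOSYSTEM",
                    "events": [{"introduced": "0"}, {"fixed": "1.5.0"}]}],
    }],
}

# Installed versions as listed in the issue's table.
INSTALLED = {"joblib": "1.5.3", "nltk": "3.9.4", "pyjwt": "2.12.1"}

if __name__ == "__main__":
    print(triage(OPEN_ENDED_ADVISORY, INSTALLED))  # {'joblib': True}
    print(triage(BOUNDED_ADVISORY, INSTALLED))     # {'joblib': False}
```

With only `introduced = "0"` in the events list, the interval never closes, so the latest release is inside it by construction; a later OSV update that adds a `fixed` event is what would make the finding disappear.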
Our exposure
`joblib` and `nltk` are transitive deps via lm-eval / smolagents — used only for benchmark runs against models we control. Local AV only.
`pyjwt` is a transitive dep (likely via Hugging Face Hub or a token-using lib). We don't generate JWTs in our code; we only consume tokens that upstream libs sign.
All three packages are already on their latest published version — no upgrade path exists.
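With no fixed version to move to, the remaining control is a time-boxed suppression in OSV-Scanner's config so the findings resurface for re-review. As an added example (not the repository's own `osv-scanner.toml`), the three entries the Action item calls for would look like this; the `reason` strings are drawn from the exposure notes above:

```toml
# osv-scanner.toml -- added example, not the repository's own file.
# Each [[IgnoredVulns]] entry suppresses one advisory until ignoreUntil
# (a TOML date, unquoted); after that date the finding is reported again.

[[IgnoredVulns]]
id = "PYSEC-2024-277"
ignoreUntil = 2026-08-20
reason = "joblib: transitive dep via lm-eval / smolagents, used only for local benchmark runs against models we control. Local AV. No fixed version published."

[[IgnoredVulns]]
id = "PYSEC-2026-97"
ignoreUntil = 2026-08-20
reason = "nltk: transitive dep via lm-eval / smolagents, local file load issue, local AV only. No fixed version published."

[[IgnoredVulns]]
id = "PYSEC-2025-183"
ignoreUntil = 2026-08-20
reason = "pyjwt: transitive dep; we never sign JWTs ourselves, only consume upstream-signed tokens. Upstream disputes the advisory. No fixed version published."
```

OSV-Scanner picks up an `osv-scanner.toml` placed next to the lockfile it scans (or one passed with `--config`); keeping the `ignoreUntil` date aligned with nix-ai means both repos re-triage the same advisories on the same day.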
Action

- `[[IgnoredVulns]]` entries to `osv-scanner.toml` for all 3 advisories, `ignoreUntil = 2026-08-20` (matches nix-ai cadence)

Related