CVE-2026-45758 describes a critical security vulnerability involving the publication of a malicious version (0.10.1) of the guardrails-ai Python package to PyPI. This version contained embedded malicious code (CWE-506). The malicious package was live for about two hours before being quarantined. Although no exploitation evidence has been found, the vulnerability poses a high risk due to potential credential theft or unauthorized access. The vulnerability affects only version 0.10.1 of guardrails-ai. Users are recommended to upgrade to version 0.10.2 or downgrade to 0.10.0 to avoid the malicious code.

The malicious package could have led to compromise of user credentials such as GitHub personal access tokens, cloud provider keys, package registry tokens, and API keys if installed. The CVSS score of 9.6 indicates critical impact with high confidentiality, integrity, and availability consequences. However, telemetry and log reviews by the maintainers found no evidence of data exfiltration or malicious activity originating from the compromised version. The risk remains significant for users who installed the affected version and did not take remediation steps.

Users should immediately upgrade to guardrails-ai version 0.10.2 or downgrade to 0.10.0, both of which are confirmed unaffected. Those who installed version 0.10.1 should rotate all credentials accessible from their machines, including GitHub PATs, cloud provider keys, package registry tokens, and API keys. Additionally, users should audit their GitHub accounts for unauthorized workflows or repositories. Since PyPI quarantined the malicious package within two hours, no further action is required regarding the package source. Patch status is not explicitly stated but upgrading or downgrading to unaffected versions is the recommended remediation.