Security: line goes up 0 ▲ Hugo van Kemenade 2 hours ago · Tech · hide · 0 comments Like many other projects, CPython is experiencing a huge increase in security reports. CVEs per year #Last month, PSF Security Developer-in-Residence Seth Larson posted a chart of CVEs per year, showing a large increase in 2026: But this only represents the output of security work, and doesn’t show all the work dealing with incoming reports. Many are closed and dealt with as non-security bug reports instead; many are closed as neither security nor bug reports. Let’s reveal some of this unseen work by the Python Security Response Team (PSRT). GHSAs by month #Here are the number of incoming GitHub Security Advisories (GHSA) reports created since July 2024: GHSAs by year #Here is the same thing by year, and remembering we’re only halfway through 2026: Email reports by month #We’ve only fairly recently been encouraging new reports be made via GHSA. Before this, they were usually made by email. The next chart is the number of email discussions (or threads) and participants by month: Thanks… No comments yet. Log in to reply on the Fediverse. Comments will appear here.