Security updates

[github-actions]

Security Vulnerability Report

Generated on: 2026-06-17 22:22:26

Summary

Found vulnerabilities in 5 packages requiring updates.

Package Upgrades Overview

Package	Current Version	Recommended Version	Vulnerabilities
aiohttp	3.13.4	3.14.1	11
biopython	1.85	Unknown	1
bleach	6.2.0	6.4.0	2
starlette	1.0.1	1.3.1	4
tornado	6.5.5	6.5.7	4

Detailed Vulnerability Information

aiohttp (v3.13.4)

Vulnerability ID	Fix Versions	Aliases
CVE-2026-34993	3.14.0	GHSA-jg22-mg44-37j8
CVE-2026-47265	3.14.0	GHSA-hg6j-4rv6-33pg
CVE-2026-54273	3.14.1	GHSA-4fvr-rgm6-gqmc
CVE-2026-54279	3.14.1	GHSA-2fqr-mr3j-6wp8
CVE-2026-54277	3.14.1	GHSA-63hw-fmq6-xxg2
CVE-2026-50269	3.14.0	GHSA-m6qw-4cw2-hm4m
CVE-2026-54276	3.14.1	GHSA-hpj7-wq8m-9hgp
CVE-2026-54278	3.14.1	GHSA-g3cq-j2xw-wf74
CVE-2026-54280	3.14.1	GHSA-9x8q-7h8h-wcw9
CVE-2026-54274	3.14.1	GHSA-xcgm-r5h9-7989
CVE-2026-54275	3.14.1	GHSA-4m7w-qmgq-4wj5

biopython (v1.85)

Vulnerability ID	Fix Versions	Aliases
CVE-2025-68463		GHSA-x3vf-39hj-gxr4

bleach (v6.2.0)

Vulnerability ID	Fix Versions	Aliases
GHSA-gj48-438w-jh9v	6.4.0
GHSA-8rfp-98v4-mmr6	6.4.0

starlette (v1.0.1)

Vulnerability ID	Fix Versions	Aliases
CVE-2026-48818	1.1.0	GHSA-wqp7-x3pw-xc5r
CVE-2026-48817	1.1.0	GHSA-x746-7m8f-x49c
CVE-2026-54283	1.3.1	GHSA-82w8-qh3p-5jfq
CVE-2026-54282	1.3.0	GHSA-jp82-jpqv-5vv3

tornado (v6.5.5)

Vulnerability ID	Fix Versions	Aliases
CVE-2026-49854	6.5.6	GHSA-cx3h-4qpv-8hc9
CVE-2026-49853	6.5.6	GHSA-3x9g-8vmp-wqvf
CVE-2026-49855	6.5.6	GHSA-mgf9-4vpg-hj56
GHSA-pw6j-qg29-8w7f	6.5.7

Recommended Actions

1. Review the vulnerability details above.
2. Close and reopen this PR to trigger CI/CD tests.
3. Approve and merge the PR if everything looks good.

---

This report was generated automatically. Please verify all upgrades before applying.