Problem
pygments 2.20.0 was released to fix CVE-2026-4539.
However, mkdocs-techdocs-core currently pins pygments to a version range that excludes >=2.20.0,
preventing downstream projects from upgrading to the patched release.
Request
Please update the pygments dependency constraint in mkdocs-techdocs-core to allow >=2.20.0.
Impact
Projects using mkdocs-techdocs-core are unable to resolve the CVE-2026-4539 vulnerability
as long as this constraint is in place. pip-audit will continue to flag the vulnerability
with no available workaround.
Problem
pygments 2.20.0was released to fix CVE-2026-4539.However,
mkdocs-techdocs-corecurrently pinspygmentsto a version range that excludes>=2.20.0,preventing downstream projects from upgrading to the patched release.
Request
Please update the
pygmentsdependency constraint inmkdocs-techdocs-coreto allow>=2.20.0.Impact
Projects using
mkdocs-techdocs-coreare unable to resolve the CVE-2026-4539 vulnerabilityas long as this constraint is in place.
pip-auditwill continue to flag the vulnerabilitywith no available workaround.