Is PyNaCl safe to use?

PyNaCl has 1 known vulnerabilities on the latest version (1.6.2). DepScope rates its health at 57/100 (high risk).

What is the latest version of PyNaCl?

The latest version of PyNaCl is 1.6.2, released 2026-01-01.

Does PyNaCl have known vulnerabilities?

Yes. PyNaCl has 1 known vulnerabilities. See depscope.dev/pkg/pypi/PyNaCl for details.

Is PyNaCl deprecated?

No, PyNaCl is actively maintained. Latest release: 1.6.2 (2026-01-01).

What are alternatives to PyNaCl?

Popular alternatives to PyNaCl in PyPI include: boto3, packaging, certifi, urllib3, requests.

What license does PyNaCl use?

PyNaCl is licensed under Apache-2.0.

PyNaCl

pypiv1.6.2

Python binding to the Networking and Cryptography (NaCl) library

License Apache-2.0permissive19 versions8 deps

pyca/pynacl

/ 100

Health

use with caution

[email protected] low health (57/100) — consider alternatives

Update to >= 3.6.1 to fix known vulnerabilities

Moderate health score (57/100) — verify manually

Health breakdown0 – 100

20/25

maintenance

0/20

popularity

23/25

security

9/15

maturity

5/15

community

Vulnerabilities

1 medium

Advisories (1)

Severity	ID	Summary	Fixed in
medium	CVE-2025-69277	libsodium has Incomplete List of Disallowed Inputs	3.6.1

Maintainer trust

Active maintainers (3m)

3

Contributors (12m)

9

Primary author dominance

39%

GitHub stars

1,192

Quality signals

OSS Criticality

0.51high

Download trend

stable(0%)

Publish security

API token

Health History

Dependency Tree

License Audit

Dependencies (8)

cffi cffi pytest pytest-cov pytest-xdist hypothesis sphinx sphinx_rtd_theme;

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/PyNaCl