id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
37053	Add validate=True to base64.b64decode() calls	Sarah Boyce	Sarah Boyce	Following the recent Python CVE https://www.cve.org/CVERecord?id=CVE-2026-3446, the security team agreed there is no reason (to our knowledge) we shouldn't be using `validate=True` in our `base64.b64decode()` calls. 	Cleanup/optimization	assigned	Core (Other)	dev	Normal				Unreviewed	1	0	0	0	0	0