CVE-2026-26960 | isaacs node-tar up to 7.5.7 Extraction path traversal

Full Article URL: https://vuldb.com/?id.346449
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzGxBACQSgj9_2026-02-18">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzGxBACQSgj9_2026-02-18
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-18 07:09:35
Last retrieval: 2026-02-18 06:46:15.301114

07:09 - 18 Feb 2026

vuldb.com

A vulnerability was found in isaacs node-tar up to 7.5.7 and classified as critical. This vulnerability affects unknown code of the component Extraction Handler. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2026-26960. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

https://vuldb.com/?id.346449

Article info: