CVE-2026-22860 | Rack up to 2.2.21/3.1.19/3.2.4 Rack::Directory path traversal (GHSA-mxw3-3hh2-x2mh)

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability, which was classified as critical, was found in Rack up to 2.2.21/3.1.19/3.2.4. This affects the function Rack::Directory. The manipulation results in path traversal.

This vulnerability is identified as CVE-2026-22860. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-22860 | Rack up to 2.2.21/3.1.19/3.2.4 Rack::Directory path traversal (GHSA-mxw3-3hh2-x2mh)

Post correlati

CVE-2024-3581 | MaxGalleria Plugin up to 6.4.2 on WordPress authorization

CVE-2024-49282 | dFactory Responsive Lightbox Plugin up to 2.4.8 on WordPress cross site scripting

CVE-2024-33060 | Qualcomm Snapdragon Auto up to SM use after free

CVE-2024-47771 | Element Desktop up to 1.11.80 information disclosure (GHSA-963w-49j9-gxj6)