CVE-2026-29059 | windmill-labs windmill up to 1.603.2 get_log_file filename path traversal

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability marked as critical has been reported in windmill-labs windmill up to 1.603.2. This affects the function get_log_file of the file /api/w/{workspace}/jobs_u/get_log_file/. This manipulation of the argument filename causes path traversal.

This vulnerability appears as CVE-2026-29059. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-29059 | windmill-labs windmill up to 1.603.2 get_log_file filename path traversal

Post correlati

CVE-2025-5648 | Radare2 5.9.9 radiff2 /libr/cons/pal.c r_cons_pal_init -T memory corruption

CVE-2025-52550 | Copeland LP E3 Supervisory Control up to 2.31F00 Application Service signature verification

CVE-2024-55228 | Dolibarr CRM 21.0.0-beta Product Module Title cross site scripting

CVE-2024-27270 | IBM WebSphere Application Server Liberty up to 24.0.0.3 URI cross site scripting (XFDB-284576)