CVE-2026-32805 | ctfer-io romeo up to 0.2.1 Tar decoder.go sanitizeArchivePath path traversal

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability has been found in ctfer-io romeo up to 0.2.1 and classified as critical. This issue affects the function sanitizeArchivePath of the file webserver/api/v1/decoder.go of the component Tar Handler. The manipulation leads to path traversal.

This vulnerability is documented as CVE-2026-32805. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-32805 | ctfer-io romeo up to 0.2.1 Tar decoder.go sanitizeArchivePath path traversal

Post correlati

CVE-2024-29982 | Microsoft OLE DB Driver/SQL Server heap-based overflow

CVE-2024-42020 | Veeam ONE up to 12.1.0.3208 Reporter Widgets cross site scripting (kb4649)

CVE-2024-27234 | Google Android fvp.c fvp_set_target information disclosure

CVE-2025-1612 | Edimax BR-6288ACL 1.30 wireless5g_basic.asp SSID cross site scripting