CVE-2026-26960 | isaacs node-tar up to 7.5.7 Extraction path traversal

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability was found in isaacs node-tar up to 7.5.7 and classified as critical. This vulnerability affects unknown code of the component Extraction Handler. Such manipulation leads to path traversal.

This vulnerability is listed as CVE-2026-26960. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-26960 | isaacs node-tar up to 7.5.7 Extraction path traversal

Post correlati

CVE-2024-28142 | Image Access Scan2Net cross site scripting

CVE-2024-10319 | 140+ Widgets Plugin up to 1.4.6 on WordPress Elementor Template information disclosure

CVE-2024-56710 | Linux Kernel up to 6.12.6 ceph_direct_read_write memory leak

CVE-2025-38157 | Linux Kernel up to 6.15.2 ath9k_htc_swba out-of-bounds