CVE-2026-29064 | zarf-dev zarf up to 0.73.0 path traversal

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability was found in zarf-dev zarf up to 0.73.0. It has been rated as critical. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in path traversal.

This vulnerability was named CVE-2026-29064. The attack needs to be approached locally. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-29064 | zarf-dev zarf up to 0.73.0 path traversal

Post correlati

CVE-2024-9411 | OFCMS 1.1.2 add.json add dict_value cross site scripting (IATECW)

CVE-2024-0420 | MapPress Maps Plugin prior 2.88.15 on WordPress Admin Dashboard Map Title cross site scripting

CVE-2025-25691 | PrestaShop 8.2.0 HTTP POST Request /themes/import deserialization

CVE-2025-67015 | Comtech EF Data CDM-625/EF Data CDM-625A 2.5.1 HTTP POST Request /Forms/admin_access_1 access control