CVE-2026-29790 | dbt-labs dbt-common up to 1.34.1/1.37.2 tarball os.path.commonprefix path traversal

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability classified as critical was found in dbt-labs dbt-common up to 1.34.1/1.37.2. This affects the function os.path.commonprefix of the component tarball Handler. The manipulation results in path traversal.

This vulnerability is identified as CVE-2026-29790. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-29790 | dbt-labs dbt-common up to 1.34.1/1.37.2 tarball os.path.commonprefix path traversal

Post correlati

CVE-2024-55082 | Stirling-PDF 0.35.1 /url-to-pdf server-side request forgery

CVE-2025-22747 | Tor Morten Jensen Foundation Columns Plugin up to 0.8 on WordPress cross site scripting

CVE-2023-38618 | GTKWave 3.3.115 VZT integer overflow (TALOS-2023-1812)

CVE-2024-3917 | Pet Manager Plugin up to 1.4 on WordPress cross site scripting