CVE-2026-49991 | RustFS 1.0.0-beta.4 Snowball auto-extract Feature path traversal (GHSA-f4vq-9ffr-m8m3)

Inserito da Angelo Barbosa | Giu 26, 2026 | CVE

A vulnerability labeled as critical has been found in RustFS 1.0.0-beta.4. Impacted is an unknown function of the component Snowball auto-extract Feature. The manipulation results in path traversal.

This vulnerability is reported as CVE-2026-49991. The attack can be launched remotely. No exploit exists.

CVE-2026-49991 | RustFS 1.0.0-beta.4 Snowball auto-extract Feature path traversal (GHSA-f4vq-9ffr-m8m3)

Post correlati

CVE-2026-41858 | Cloud Foundry windows-utilities-release up to 0.22.x Administrator Password randomize_password weak prng (EUVD-2026-34195)

CVE-2026-11858 | Quanos Solutions SCHEMA ST4 Client Update Service authorization

CVE-2024-35235 | OpenPrinting CUPS up to 2.4.8 Setting cupsd.conf link following (GHSA-vvwp-mv6j-hw6f)

CVE-2026-38533 | Snipe-IT 8.4.0 PUT /api/v1/users/ improper authentication