CVE-2026-54250 | k3s-io k3s up to 1.33.10+0/1.34.6+0/1.35.3+0 path traversal (GHSA-jxr7-mqhw-9p98)

Inserito da Angelo Barbosa | Giu 26, 2026 | CVE

A vulnerability, which was classified as critical, was found in k3s-io k3s up to 1.33.10+0/1.34.6+0/1.35.3+0. Affected by this issue is some unknown functionality. Such manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-54250. Local access is required to approach this attack. No exploit exists.

You should upgrade the affected component.

CVE-2026-54250 | k3s-io k3s up to 1.33.10+0/1.34.6+0/1.35.3+0 path traversal (GHSA-jxr7-mqhw-9p98)

Post correlati

CVE-2024-49373 | No Fuss Computing Centurion ERP up to 1.2.0 Project improper isolation or compartmentalization (GHSA-5qmx-pr2f-qhj5)

CVE-2026-41691 | i18next i18next-http-backend up to 3.0.4 Control Character path traversal (GHSA-q89c-q3h5-w34g)

CVE-2026-5186 | Nothings stb up to 2.30 Multi-frame GIF File stb_image.h stbi__load_gif_main double free

CVE-2024-2084 | HT Mega Plugin up to 2.4.6 on WordPress Lightbox Widget cross site scripting