Tag

Cve-2026-44829

1 brief RSS

Gotenberg Path Traversal Vulnerability via Windows-Style Separators in Zip Entry Name (CVE-2026-44829)

Gotenberg is vulnerable to path traversal (CVE-2026-44829) due to improper sanitization of filenames in zip archives, allowing attackers to write files outside the intended extraction directory by using Windows-style path separators (backslashes) in uploaded filenames, affecting versions up to 8.32.0.

gotenberg/gotenberg path-traversal zip-archive cve-2026-44829

2r 1t 23h ago