Lucene search
K

The vulnerability of the command-line tool for working with Wheel files is related to incorrect path name restrictions, which allows attackers to escalate their privileges or execute arbitrary code.

🗓️ 25 Mar 2026 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 1 Views

Wheel tool CLI has improper path restrictions, enabling privilege escalation or code execution.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in wheel-0.45.1-py3-none-any.whl
5 May 202622:30
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in wheel affects IBM Netezza Appliance
16 Apr 202609:34
ibm
IBM Security Bulletins
Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.
31 Mar 202613:54
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in wheel affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
23 Mar 202619:39
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in wheel affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
4 May 202614:25
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (April 2026 - Part 1 of 2)
1 May 202605:38
ibm
IBM Security Bulletins
Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities
16 Apr 202613:14
ibm
IBM Security Bulletins
Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses wheel dependency which is vulnerable to CVE-2026-24049.
30 Mar 202611:40
ibm
IBM Security Bulletins
Security Bulletin: File permission modification, improper access control, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
16 Feb 202615:12
ibm
IBM Security Bulletins
Security Bulletin: IBM Quantum Safe Remediator is affected by multiple vulnerabilities
5 May 202615:14
ibm
Rows per page
Vulners
Node
pythonwheelRange<0.46.2

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jul 2026 00:00Current
7High risk
Vulners AI Score7
CVSS 26.6
CVSS 37.1
EPSS0.00311
1