Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3912 matches found

Vulnrichment
Vulnrichmentadded 2026/03/09 9:11 p.m.3 views

CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

8.2CVSS5.8AI score0.00253EPSS
Exploits4References2
CVE
CVEadded 2026/03/09 9:11 p.m.28 views

CVE-2026-31802

CVE-2026-31802 affects node-tar (tar for Node.js) prior to version 7.5.11. The vulnerability allows a symlink path traversal during tar.x() extraction when a drive-relative symlink target such as C:../../../target.txt is used, enabling a file overwrite outside the extraction directory. The issue ...

8.2CVSS5.8AI score0.00253EPSS
Exploits4References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/09 9:11 p.m.4 views

CVE-2026-31802

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

8.2CVSS5.8AI score0.00253EPSS
Exploits4References3Affected Software1
Cvelist
Cvelistadded 2026/03/09 9:11 p.m.42 views

CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

8.2CVSS0.00253EPSS
Exploits4References2
OSV
OSVadded 2026/03/09 9:11 p.m.3 views

CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x...

8.2CVSS5.8AI score0.00253EPSS
Exploits4References4
RedhatCVE
RedhatCVEadded 2026/03/09 4:53 p.m.4 views

CVE-2026-29786

A flaw was found in node-tar. A hardlink that points outside the extraction directory can be created by using a drive-relative link target such as C:../target.txt, allowing a file overwrite outside the current working directory during normal tar.x extraction. Mitigation Red Hat has investigated...

8.6CVSS5.7AI score0.00276EPSS
Exploits2References5
NVD
NVDadded 2026/03/07 4:15 p.m.4 views

CVE-2026-29786

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS0.00276EPSS
Exploits2References2
OSV
OSVadded 2026/03/07 4:15 p.m.3 views

DEBIAN-CVE-2026-29786

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

6.3CVSS5.8AI score0.00276EPSS
Exploits2References1
OSV
OSVadded 2026/03/07 4:15 p.m.4 views

AZL-79553 CVE-2026-29786 affecting package tar 1.35-2

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS6.1AI score0.00276EPSS
Exploits2References1
OSV
OSVadded 2026/03/07 4:15 p.m.5 views

AZL-79556 CVE-2026-29786 affecting package tar 1.34-3

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.6AI score0.00276EPSS
Exploits2References1
UbuntuCve
UbuntuCveadded 2026/03/07 4:15 p.m.2 views

CVE-2026-29786

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.7AI score0.00276EPSS
Exploits2References3
OSV
OSVadded 2026/03/07 4:15 p.m.3 views

UBUNTU-CVE-2026-29786

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.8AI score0.00276EPSS
Exploits2References4
AlpineLinux
AlpineLinuxadded 2026/03/07 3:32 p.m.3 views

CVE-2026-29786

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.7AI score0.00276EPSS
Exploits2References2
Vulnrichment
Vulnrichmentadded 2026/03/07 3:32 p.m.5 views

CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.7AI score0.00276EPSS
Exploits2References2
ATTACKERKB
ATTACKERKBadded 2026/03/07 3:32 p.m.4 views

CVE-2026-29786

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.7AI score0.00276EPSS
Exploits2References3Affected Software1
Cvelist
Cvelistadded 2026/03/07 3:32 p.m.39 views

CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS0.00276EPSS
Exploits2References2
OSV
OSVadded 2026/03/07 3:32 p.m.3 views

CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x extraction. Th...

8.2CVSS5.7AI score0.00276EPSS
Exploits2References4
CVE
CVEadded 2026/03/07 3:32 p.m.52 views

CVE-2026-29786

CVE-2026-29786 — node-tar hardlink path-traversal Affected: node-tar (Node.js tar handling) prior to version 7.5.10. Summary: tar can be tricked into creating a hardlink outside the extraction directory by using a drive-relative link target (e.g., C:../target.txt), enabling file overwrite outside...

8.2CVSS5.7AI score0.00276EPSS
Exploits2References2Affected Software1
GithubExploit
GithubExploitadded 2026/03/05 10:53 p.m.235 views

Exploit for CVE-2026-29786

CVE-2026-29786 Research: Joshua van Rijswijkhttps://gi...

6AI score0.00276EPSS
Exploits2
Malwarebytes
Malwarebytesadded 2026/03/05 11:7 a.m.12 views

Windows File Shredder: When deleting a file isn’t enough

Most of us think deleting a file means it’s gone for good. But “delete” on a Windows device often just means “out of sight,” not necessarily “out of reach.” That’s where File Shredder, a new feature within Malwarebytes Tools for Windows, comes in. File Shredder lets you securely delete files from...

5.9AI score
Exploits0
Rows per page
Query Builder