CVE-2026-48544

Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.getresource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...

Directory Traversal

Overview taipy is an A 360° open-source platform from Python pilots to production-ready web apps. Affected versions of this package are vulnerable to Directory Traversal via the ElementLibrary.getresource function. An attacker can access files outside the intended directory by sending crafted GET...

CVE-2026-48544 Taipy 4.1.1 Path Traversal via ElementLibrary.get_resource()

Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.getresource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...

CVE-2026-48544

Taipy 4.1.1 contains a path traversal vulnerability in ElementLibrary.get_resource() within taipy/gui/extension/library.py. The issue arises from an incomplete directory containment check using str.startswith() without a trailing path separator, allowing crafted GET requests with path traversal s...

Taipy 路径遍历漏洞

Taipy is an open-source application developed by Avaiga. It was designed specifically for data scientists and machine learning engineers to build data and artificial intelligence network applications. Version 4.1.1 of Taipy contains a path traversal vulnerability. This vulnerability stems from th...

EUVD-2025-114148

Malicious code in element-ui-ceres-aquarius-websockets npm...

EUVD-2025-114140

Malicious code in element-ui-html-webpack-plugin-impulse-odin npm...