CVE-2026-27606
CVE-2026-27606 affects Rollup: vulnerable in versions prior to 2.80.0, 3.30.0, and 4.59.0 due to insecure file name sanitization in the core engine, enabling arbitrary file write via path traversal. An attacker can use traversal sequences (e.g., ../) to overwrite files the build process can acces...