Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Arbitrary File Write

🗓️ 14 Mar 2026 05:20:32Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode🔗 sca.analysiscenter.veracode.com👁 5 Views

Black is vulnerable to arbitrary file write due to sanitization of the --python-cell-magics option when creating cache files.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses black-26.1.0 which is vulnerable to CVE-2026-31900
5 May 202609:43
ibm
IBM Security Bulletins		Security Bulletin: IBM Edge Data Collector uses black-24.10.0-py3-none-any.whl which is vulnerable to CVE-2026-31900, CVE-2026-32274.
1 May 202612:06
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in Black affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
22 Jun 202613:16
ibm
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in watsonx.data
13 May 202617:54
ibm
ATTACKERKB		CVE-2026-32274
12 Mar 202619:47
attackerkb
Chainguard		CVE-2026-32274 vulnerabilities
16 Mar 202619:17
cgr
Circl		CVE-2026-32274
12 Mar 202619:16
circl
CNNVD		Black 路径遍历漏洞
12 Mar 202600:00
cnnvd
CVE		CVE-2026-32274
12 Mar 202619:47
cve
Cvelist		CVE-2026-32274 Black: Arbitrary file writes from unsanitized user input in cache file name
12 Mar 202619:47
cvelist
Rows per page
Vulners
Node
blackblackRange21.5b126.3.0python
OR
blackblackMatch18.3a0python
OR
blackblackMatch18.3a1python
OR
blackblackMatch18.3a2python
OR
blackblackMatch18.3a3python
OR
blackblackMatch18.3a4python
OR
blackblackMatch18.4a0python
OR
blackblackMatch18.4a1python
OR
blackblackMatch18.4a2python
OR
blackblackMatch18.4a3python
OR
blackblackMatch18.4a4python
OR
blackblackMatch18.5b0python
OR
blackblackMatch18.5b1python
OR
blackblackMatch18.6b0python
OR
blackblackMatch18.6b1python
OR
blackblackMatch18.6b2python
OR
blackblackMatch18.6b3python
OR
blackblackMatch18.6b4python
OR
blackblackMatch18.9b0python
OR
blackblackMatch19.10b0python
OR
blackblackMatch19.3b0python
OR
blackblackMatch20.8b0python
OR
blackblackMatch20.8b1python
OR
blackblackMatch21.10b0python
OR
blackblackMatch21.11b0python
OR
blackblackMatch21.11b1python
OR
blackblackMatch21.12b0python
OR
blackblackMatch21.4b0python
OR
blackblackMatch21.4b1python
OR
blackblackMatch21.4b2python
OR
blackblackMatch21.5b0python
OR
blackblackMatch21.5b1python
OR
blackblackMatch21.5b2python
OR
blackblackMatch21.6b0python
OR
blackblackMatch21.7b0python
OR
blackblackMatch21.8b0python
OR
blackblackMatch21.9b0python
OR
blackblackMatch22.1.0python
OR
blackblackMatch22.10.0python
OR
blackblackMatch22.12.0python
OR
blackblackMatch22.3.0python
OR
blackblackMatch22.6.0python
OR
blackblackMatch22.8.0python
OR
blackblackMatch23.1.0python
OR
blackblackMatch23.10.0python
OR
blackblackMatch23.10.1python
OR
blackblackMatch23.11.0python
OR
blackblackMatch23.12.0python
OR
blackblackMatch23.12.1python
OR
blackblackMatch23.1a1python
OR
blackblackMatch23.3.0python
OR
blackblackMatch23.7.0python
OR
blackblackMatch23.9.0python
OR
blackblackMatch23.9.1python
OR
blackblackMatch24.1.0python
OR
blackblackMatch24.1.1python
OR
blackblackMatch24.10.0python
OR
blackblackMatch24.1a1python
OR
blackblackMatch24.2.0python
OR
blackblackMatch24.3.0python
OR
blackblackMatch24.4.0python
OR
blackblackMatch24.4.1python
OR
blackblackMatch24.4.2python
OR
blackblackMatch24.8.0python
OR
blackblackMatch25.1.0python
OR
blackblackMatch25.11.0python
OR
blackblackMatch25.12.0python
OR
blackblackMatch25.9.0python
OR
blackblackMatch26.1.0python
OR
blackblackMatch26.1a1python

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
09 May 2026 05:39Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.17.5
CVSS 48.7
EPSS0.00424
SSVC
arbitrary file writesanitization issuepython cell magicscache file namesarbitrary locations
5