sosreport is vulnerable to insecure defaults. The library creates temporary archive files with world-readable permissions, allowing a malicious user to extract these files and read their contents. This vulnerability exists due to a regression in the default behavior of sosreport.