CVE-2026-5704

ADVISORY - nist

Summary

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.

EPSS Score⁠: 0.00025 (0.071)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-434⁠

Unrestricted Upload of File with Dangerous Type

ADVISORY - redhat

CWE-434⁠

Unrestricted Upload of File with Dangerous Type

Impacted images

Advisories

NIST

CREATED

3 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-5704⁠

EXPLOITABILITY SCORE

1.3

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

5medium

Debian

CREATED

3 days ago

UPDATED

1 day ago

ADVISORY IDCVE-2026-5704⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

3 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-5704⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

4 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-5704⁠

EXPLOITABILITY SCORE

1.3

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

5medium