CVE-2026-3087
ADVISORY - nistSummary
If shutil.unpack_archive() is given a ZIP archive with an absolute Windows path containing a drive (C:\\...) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.
EPSS Score: 0.00061 (0.189)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Docker
CREATED
UPDATED
ADVISORY ID
CVE-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
6mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumBitnami
CREATED
UPDATED
ADVISORY ID
BIT-libpython-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
6mediumBitnami
CREATED
UPDATED
ADVISORY ID
BIT-python-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
6mediumBitnami
CREATED
UPDATED
ADVISORY ID
BIT-python-min-2026-3087
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
6mediumminimos
CREATED
UPDATED
ADVISORY ID
MINI-4gj2-v85m-7mgj
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-6xh8-hchh-wj29
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-9vxv-hf33-3pjm
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-jfqm-3f63-fh89
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-