CVE-2026-44941 - libzypp path traversal via "keyhint" in repomd.xml
CVE ID :CVE-2026-44941
Published : July 2, 2026, 3:19 p.m. | 1 hour, 24 minutes ago
Description :A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 2, 2026, 3:19 p.m. | 1 hour, 24 minutes ago
Description :A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...