CVE-2025-8869 | pip up to 25.2 on Python TAR Archive symlink

A vulnerability labeled as critical has been found in pip up to 25.2 on Python. Affected is an unknown function of the component TAR Archive Handler. Executing manipulation can lead to symlink following.

This vulnerability is registered as CVE-2025-8869. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More