CVE-2026-6410 | fastify static up to 9.1.0 Directory Listing dirList.path path traversal (GHSA-pr96-94w5-mx2h)

A vulnerability marked as critical has been reported in fastify static up to 9.1.0. This vulnerability affects the function dirList.path of the component Directory Listing Handler. Performing a manipulation results in path traversal.

This vulnerability is identified as CVE-2026-6410. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More