CVE-2026-42085 | OpenC3 cosmos up to 6.10.4/7.0.0-rc2 Configuration File /plugins save_tool_config path traversal (GHSA-4jvx-93h3-f45h)

A vulnerability has been found in OpenC3 cosmos up to 6.10.4/7.0.0-rc2 and classified as problematic. The impacted element is the function save_tool_config of the file /plugins of the component Configuration File Handler. The manipulation leads to relative path traversal.

This vulnerability is traded as CVE-2026-42085. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More