CVE-2026-43965 | Gleam up to 1.16.x packages.toml paths.build_packages_package path traversal (GHSA-jqvf-f6p2-wrv3)

A vulnerability labeled as critical has been found in Gleam up to 1.16.x. Impacted is the function paths.build_packages_package of the file build/packages/packages.toml. The manipulation results in path traversal.

This vulnerability is cataloged as CVE-2026-43965. The attack must be initiated from a local position. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More