CVE-2026-7774 | Python CPython up to 3.14.x Link tarfile.extractall path traversal (ID 149486 / EUVD-2026-34282)

A vulnerability, which was classified as critical, was found in Python CPython up to 3.14.x. Impacted is the function tarfile.extractall of the component Link Handler. Such manipulation leads to path traversal.

This vulnerability is traded as CVE-2026-7774. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More