CVE-2026-2818

High CVSS: 8.2

A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only.

Vendor

Product

CWE

CWE-23

Yayın Tarihi

2026-02-20 17:25:57

Güncelleme

2026-02-20 18:57:15

Source Identifier

36c7be3b-2937-45df-85ea-ca7133ea542c

KEV Date Added

Kategoriler

CWE-23 HIGH 2026

Referanslar

https://www.herodevs.com/vulnerability-directory/cve-2026-2818