PT-2026-22339 · Google · Google Web Designer
Published
2026-02-27
·
Updated
2026-03-03
·
CVE-2026-3223
CVSS v4.0
8.4
High
| Vector | AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Google Web Designer (affected versions not specified)
Description
The software is susceptible to a zip slip vulnerability, which can lead to arbitrary file write and potential privilege escalation. A zip slip vulnerability occurs when a program extracts compressed files without properly sanitizing the file names, allowing an attacker to write files to arbitrary locations on the system. This could allow an attacker to overwrite critical system files or execute malicious code.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Web Designer