PT-2026-29668 · Copier · Copier

Evipepota · Published 2026-04-01 · Updated 2026-04-03 · CVE-2026-34726

CVSS v3.1: 4.4 Medium

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Copier versions prior to 9.14.1

Description

Copier's subdirectory setting, intended to specify the template root, incorrectly allows parent directory traversal sequences like "..". This allows a template to escape its directory and render files from the parent directory without using the --UNSAFE flag. The vulnerability lies in the lack of validation that the resulting path remains within the template directory. The vulnerable code path involves rendering the subdirectory string and using it directly to construct the template root path. This can lead to the rendering of files from unintended locations, potentially including sensitive data or configuration files in the parent directory.

Recommendations

Update Copier to version 9.14.1 or later.
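
The containment check that the description says was missing, shown as an added example beside the unchecked join (this is not Copier's code or its actual fix). The function names, the exception class and the sample directory layout are assumptions constructed for illustration.

```python
from pathlib import Path
import tempfile


class SubdirectoryEscapeError(ValueError):
    """The rendered subdirectory resolves outside the template directory."""


def template_root_unchecked(template_dir: Path, subdirectory: str) -> Path:
    # Flawed pattern from the description: the rendered string is joined
    # to the template directory and used without any containment check.
    return (template_dir / subdirectory).resolve()


def template_root_checked(template_dir: Path, subdirectory: str) -> Path:
    # resolve() collapses ".." segments and follows symlinks, so the
    # comparison is made on the real filesystem locations.
    base = template_dir.resolve()
    candidate = (base / subdirectory).resolve()
    try:
        # Raises ValueError unless candidate is base or a descendant of it.
        # Absolute values fail too: joining one discards the base.
        candidate.relative_to(base)
    except ValueError:
        raise SubdirectoryEscapeError(f"{subdirectory!r} escapes {base}") from None
    return candidate


def demo() -> dict:
    # Constructed layout: parent/secret.txt sits next to parent/template/.
    with tempfile.TemporaryDirectory() as tmp:
        template = Path(tmp).resolve() / "parent" / "template"
        (template / "src").mkdir(parents=True)
        (template.parent / "secret.txt").write_text("not part of the template\n")
        results = {}
        for value in ("src", "", "..", "src/../..", str(template.parent)):
            escaped = template_root_unchecked(template, value) == template.parent
            try:
                template_root_checked(template, value)
                results[value] = ("accepted", escaped)
            except SubdirectoryEscapeError:
                results[value] = ("rejected", escaped)
        return results


if __name__ == "__main__":
    for value, outcome in demo().items():
        print(f"{value!r:>12}: {outcome}")
```

Each result pairs the checked function's verdict with whether the unchecked join landed on the parent directory, so the rejected values are exactly the ones that would have moved the template root out of the template.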

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-34726
GHSA-85V3-4M8G-HRH6

Affected Products

Copier