CVE-2026-41082

CVSS v3.1

7.3

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

Name of the Vulnerable Software and Affected Versions opam versions prior to 2.5.1

Description A directory traversal issue exists where a .install field containing a destination filepath can use ../ to reach a parent directory.

Recommendations Update to version 2.5.1.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-24

Related Identifiers

CVE-2026-41082

OPENSUSE-SU-2026:10568-1

OSEC-2026-03

USN-8256-1

Affected Products

Linuxmint

Ubuntu

Opam

CVE-2026-41082

Weakness Enumeration

Related Identifiers

Affected Products

References · 18