CVE-2026-10621NVD

Vulnerability Summary

Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directory.

Severity Level

HIGH(7.5)

Published Date

Jun 2, 2026

Last Modified

Jun 2, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.05%Probability

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeUnchanged

ConfidentialityNone

IntegrityHigh

AvailabilityNone

External References

https://kb.cert.org/vuls/id/873170
https://www.collibra.com/

Critical Alert

CVE Watchtower

CVE-2026-10621NVD

Vulnerability Summary

External References