CVE-2026-10621
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/06/2026
Last modified:
02/06/2026
Description
Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directory.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH



