Security vulnerabilities and automated fixes for unicode issues
1 post found
A medium-severity vulnerability in node-tar (CVE-2026-24842) allowed attackers to create arbitrary files outside intended directories by exploiting Unicode path collisions in hardlink security checks. This race condition could enable malicious tar archives to overwrite critical system files, potentially leading to remote code execution or privilege escalation.