CVE-2026-48681
5.9 MEDIUM
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image
Published: 2026-06-04 · Last updated: 2026-06-04
Severity and scoring
- CVSS: 5.9 MEDIUM
- Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
- CWE: CWE-23
Affected products
| Vendor | Product |
|---|---|
| openstack | ironic |
Description
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.
Source: NVD
Related CVEs
Same vendor
- CVE-2026-44917 — OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via ... (4.9 MEDIUM)
- CVE-2026-46447 — OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info (5.8 MEDIUM)
- CVE-2026-44394 — An issue was discovered in OpenStack Keystone before 29.0.2 (6.0 MEDIUM)
- CVE-2026-43000 — An issue was discovered in OpenStack Keystone before 29.0.2 (6.0 MEDIUM)
- CVE-2026-42999 — An issue was discovered in OpenStack Keystone before 29.0.2 (6.0 MEDIUM)
Same CWE
- CVE-2026-48569 — Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally (7.1 HIGH)
- CVE-2026-47287 — Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network (6.5 MEDIUM)
- CVE-2026-5422 — A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_p... (8.1 HIGH)
- CVE-2026-10074 — DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path ... (4.9 MEDIUM)
- CVE-2026-10073 — DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative ... (7.5 HIGH)