CVE-2026-43637 - Cornac < 2.6.0 Path Traversal via _extract_archive() in download.py
CVE ID :CVE-2026-43637 Published : July 15, 2026, 2:18 p.m. | 16 minutes ago Description :Cornac before 2.6.0 contains a path traversal (Tar Slip) vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing...