CVE-2026-23949HIGHCVSS 8.6≥ 5.2.0, < 6.1.0·v>= 5.2.0, < 6.1.02026-01-20
CVE-2026-23949 [HIGH] CWE-22 CVE-2026-23949: jaraco.context, an open-source software package that provides some useful decorators and context man
jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract files outside the intended extraction directory when mali
ghsanvdosv