{"id":81223,"date":"2026-06-29T13:34:59","date_gmt":"2026-06-29T10:04:59","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-25707-handcrafted-repo-metadata-may-cause-arbitrary-local-files-to-be-overwritten-by-libzypp\/"},"modified":"2026-06-29T13:34:59","modified_gmt":"2026-06-29T10:04:59","slug":"cve-2026-25707-handcrafted-repo-metadata-may-cause-arbitrary-local-files-to-be-overwritten-by-libzypp","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-25707-handcrafted-repo-metadata-may-cause-arbitrary-local-files-to-be-overwritten-by-libzypp\/","title":{"rendered":"CVE-2026-25707 &#8211; Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp"},"content":{"rendered":"<p>CVE ID :CVE-2026-25707<\/p>\n<p>  Published : June 29, 2026, 10:04 a.m. | 1\u00a0hour, 41\u00a0minutes ago<\/p>\n<p>  Description :A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation.<\/p>\n<p>  Severity: 8.8 | HIGH<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-25707 Published : June 29, 2026, 10:04 a.m. | 1\u00a0hour, 41\u00a0minutes ago Description :A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation. Severity: 8.8 | HIGH &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-81223","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81223","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=81223"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81223\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=81223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=81223"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=81223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}