{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T12:57:18.773","vulnerabilities":[{"cve":{"id":"CVE-2026-26157","sourceIdentifier":"secalert@redhat.com","published":"2026-02-11T21:16:21.400","lastModified":"2026-06-02T14:16:49.930","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files."},{"lang":"es","value":"Se encontró una vulnerabilidad en BusyBox. La sanitización incompleta de rutas en sus utilidades de extracción de archivos permite a un atacante crear archivos maliciosos que, al ser extraídos y bajo condiciones específicas, pueden escribir en archivos fuera del directorio previsto. Esto puede llevar a una sobrescritura arbitraria de archivos, lo que podría permitir la ejecución de código mediante la modificación de archivos de sistema sensibles."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:13831","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-26157","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439039","source":"secalert@redhat.com"},{"url":"https://git.busybox.net/busybox/commit/archival?id=3fb6b31c716669e12f75a2accd31bb7685b1a1cb","source":"secalert@redhat.com"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}}]}