Vulnerability intelligence
CVE-2026-10621
Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directory.
CVSS Score
7.5
High
EPSS — Exploit Probability
0.0%
Riskier than 16% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
unknown
Check vendor advisories
1 article across 1 outlet · first covered Jun 8, 2026 · latest Jun 8, 2026
Tracked incidents
Coverage timeline
-
Attackers exploit CVE-2026-28318 and Zip Slip in Collibra Agentsecurityonline.info · Jun 8, 2026