CVE-2026-2818

high Red Hat
CVSS v3 Base Score
7.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS Score
0.1%
Exploitation probability in 30 days
Top 79% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
Low
Integrity
Low
Availability
Low
Published: February 20, 2026 (83 days ago)
Last Modified: February 20, 2026
Vendor: Red Hat

Description

A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only.

CWE

CWE-22

Affected Products

Red Hat Fuse 7

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 www.herodevs.com