CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
ATT&CK techniques detected
T1203Exploitation for Client Execution
34%
“cve - 2026 - 3087 shutil. unpack _ archive ( ) doesn ' t check for windows absolute paths in zips you need to enable javascript to run this app.”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Information published.