CVE-2026-24909
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction.
More information : https://github.com/vltpkg/vltpkg/pull/1334
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction.
More information : https://github.com/vltpkg/vltpkg/pull/1334