cyberMEDIUM2026-04-23 19:17 UTC

CVE-2026-41205 - Mako: Path traversal via double-slash URI prefix in TemplateLookup

CVE ID :CVE-2026-41205 Published : April 23, 2026, 7:17 p.m. | 33 minutes ago Description :Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

[CYBER] Attempted hack on my Microsoft account. Was it a VPN node?
[CYBER] KelpDAO hack news: Aave leads DeFi bailout push after $292M crypto exploit - CoinDesk
[CYBER] US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
[CYBER] Speaking Freely: Lizzie O'Shea
[CYBER] Dragos: Despite AI use, new malware targeting water plants is ‘hype’
[CYBER] Trump’s pick to run US cyber agency CISA asks to drop out

Editorial policy · Report a correction