CVE-2026-10621
CVE-2026-10621
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directory.
| Vendor | collibra |
| Product | collibra platform (saas) |
| Published | Jun 2, 2026 |
| Last Updated | Jun 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for collibra collibra platform (saas)
Be the first to know when new high vulnerabilities affecting collibra collibra platform (saas) are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Collibra / Collibra Platform (SaaS)
2025.10 < 2025.10.9
Collibra / Collibra Platform (SaaS)
2025.11 < 2025.11.7
Collibra / Collibra Platform (SaaS)
2026.02 < 2026.02.6
Collibra / Collibra Platform (SaaS)
2026.03 < 2026.03.4
Collibra / Collibra Platform (SaaS)
2026.04 < 2024.04.5
Collibra / Collibra Platform (on-prem)
2026.03 < 2026.03.356
Collibra / Collibra Platform (on-prem)
2025.10 < 2025.10.399