CVE Alert

CVE-2026-25707

HIGH 8.8

Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp

CVSS Score: 8.8
EPSS Score: 0.0%
EPSS Percentile: 0th

A relative path traversal bug in the processing of repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation.

CWE: CWE-23
Vendor: suse
Product: libzypp
Published: Jun 29, 2026
Last Updated: Jun 29, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Affected Versions

SUSE / libzypp
0 < 17.38.10

References

bugzilla.suse.com: https://bugzilla.suse.com/show_bug.cgi?id=1259802
github.com: https://github.com/openSUSE/libzypp/commit/f09feda7fca03c941218aab0bb161cc82b185b6b

Credits

Michael Andres of SUSE