๐Ÿ” CVE Alert

CVE-2026-47826

HIGH 8.8

blobs.yaml Path Traversal Allows File Writes

CVSS Score
8.8
EPSS Score
0.3%
EPSS Percentile
25th

The blobs.yml path key traversal vulnerability in the BOSH CLI tool allows an attacker to write arbitrary files and exfiltrate sensitive information. Affected versions: BOSH CLI tool versions prior to v7.10.4.

Vendor cloudfoundry foundation
Product bosh cli tool
Published Jul 9, 2026
Last Updated Jul 9, 2026
Stay Ahead of the Next One

Get instant alerts for cloudfoundry foundation bosh cli tool

Be the first to know when new high vulnerabilities affecting cloudfoundry foundation bosh cli tool are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Versions

CloudFoundry Foundation / BOSH CLI tool
0 < 7.10.4

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
cloudfoundry.org: https://www.cloudfoundry.org/blog/cve-2026-47826-blobs-yaml-path-traversal-allows-file-writes/