Platform: python
Component: guarddog
Fixed in: 2.7.2, 2.7.1
CVE-2026-22871 is a path traversal vulnerability in the GuardDog Python package, a scanner for malicious PyPI packages. The flaw lets an attacker-controlled archive write files outside the directory GuardDog extracts it into, an arbitrary file overwrite that can be escalated to Remote Code Execution (RCE) on the scanning host. It affects GuardDog versions up to and including 2.7.0 and is fixed in version 2.7.1.
GuardDog downloads and unpacks the package it is asked to scan. In vulnerable versions the safe_extract() function does not confine archive members to the extraction directory, so a member whose name contains `../` segments or an absolute path is written wherever that name points. The input is a package the attacker publishes, so exploitation requires no access to the target: it is enough that the target scans the package. An attacker who can overwrite files of their choosing can plant code that the host later executes or loads as configuration, alter system settings, or tamper with sensitive data, and from there run arbitrary commands, steal credentials, or establish a persistent foothold. The blast radius is every host that runs a vulnerable GuardDog against untrusted packages, in particular CI jobs and dependency-review pipelines that scan incoming dependencies automatically.
The vulnerability was publicly disclosed on January 13, 2026. No active exploitation campaigns have been publicly reported, but the low effort required (publish a package, wait for it to be scanned) and the breadth of affected deployments make it a significant concern; it fits the standard supply-chain pattern in which the attacker controls the artifact and the victim's tooling supplies the trigger. No KEV listing is currently available.
Exploit status
EPSS: 0.66% (71st percentile)
CISA SSVC: not listed
The primary mitigation for CVE-2026-22871 is to upgrade to GuardDog version 2.7.1 or later, which corrects the path traversal in safe_extract(). Upgrade with pip (`pip install --upgrade guarddog`) and then confirm with `pip show guarddog` that the installed version is 2.7.1 or later. If an immediate upgrade is not feasible, reduce what an out-of-directory write can reach: run GuardDog as an unprivileged user in a disposable container or CI runner whose only writable location is its own working directory, and keep credentials and deployment configuration out of that environment. Monitor PyPI for suspicious packages, review dependencies regularly, and use a software composition analysis (SCA) tool to find vulnerable GuardDog versions in your projects. After upgrading, confirm the fix by scanning a test archive that contains traversal members and verifying that files are written only inside the intended extraction directory.
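The check that the fix has to enforce is easy to state and easy to get subtly wrong, so here is an added example of it, written for this page rather than taken from GuardDog (the names `safe_extract`, `is_within`, `build_malicious_archive` and `demo` are chosen here, and the archive contents are constructed). Every member name is joined to the destination, resolved, and required to remain under it; absolute names, symlinks and hardlinks are refused outright, because a link that points outside the tree turns a later benign write into an out-of-tree write. The sample is a gzipped tar, the format of a PyPI sdist; the same test applies to the entries of a wheel's zip.

```python
"""Added example, not GuardDog's own code: a tar extractor that confines every
member to the destination directory, exercised against a constructed archive
carrying the kinds of members a path-traversal attack relies on."""
import io
import os
import shutil
import tarfile
import tempfile


def is_within(base: str, target: str) -> bool:
    """True if target resolves to a path inside base (.. and symlinks resolved)."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return os.path.commonpath([base, target]) == base


def safe_extract(archive: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract regular files and directories from a tar archive into dest.

    Returns (extracted, rejected) member names. Rejects absolute names, names
    that escape dest after normalisation, links, and special files. Hypothetical
    helper; on Python 3.12+ tarfile's filter="data" applies the same checks.
    """
    dest = os.path.realpath(dest)
    extracted: list[str] = []
    rejected: list[str] = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tar:
        for member in tar.getmembers():
            name = member.name
            target = os.path.join(dest, name)  # an absolute name would replace dest here
            if os.path.isabs(name) or not is_within(dest, target):
                rejected.append(name)
                continue
            if member.isdir():
                os.makedirs(target, exist_ok=True)
            elif member.isfile():
                os.makedirs(os.path.dirname(target), exist_ok=True)
                with tar.extractfile(member) as src, open(target, "wb") as dst:
                    shutil.copyfileobj(src, dst)
            else:  # symlinks, hardlinks, devices, fifos: never materialised
                rejected.append(name)
                continue
            extracted.append(name)
    return extracted, rejected


def build_malicious_archive() -> bytes:
    """Constructed sample (gzip tar, like an sdist): one benign member plus
    three members that try to escape the extraction directory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        def add_file(name: str, data: bytes) -> None:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))

        add_file("pkg/setup.py", b"from setuptools import setup\nsetup(name='pkg')\n")
        add_file("../../evil.pth", b"import os; os.system('id')\n")  # relative traversal
        add_file("/etc/cron.d/evil", b"* * * * * root id\n")          # absolute path
        link = tarfile.TarInfo("pkg/escape")                          # symlink out of tree
        link.type = tarfile.SYMTYPE
        link.linkname = "../../.."
        tar.addfile(link)
    return buf.getvalue()


def demo() -> dict:
    """Extract the sample into a scratch directory and report what landed on disk."""
    archive = build_malicious_archive()
    with tempfile.TemporaryDirectory() as work:
        dest = os.path.join(work, "extract")
        os.makedirs(dest)
        extracted, rejected = safe_extract(archive, dest)
        # Walk the parent of dest, not dest itself, so an escape would show up.
        on_disk = sorted(
            os.path.relpath(os.path.join(root, f), work)
            for root, _, files in os.walk(work) for f in files
        )
        return {"extracted": extracted, "rejected": rejected, "on_disk": on_disk}


if __name__ == "__main__":
    print(demo())
```

Running `demo()` extracts only `pkg/setup.py` and rejects the other three members; the walk of the scratch directory's parent is the verification step from the mitigation advice above, showing nothing was written outside `extract/`. The join-then-resolve order matters: checking the name string alone misses `pkg/../../x`, and resolving with `realpath` rather than `normpath` also catches escapes through symlinks that already exist under the destination.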
CVE-2026-22871 is a path traversal vulnerability in the GuardDog Python package: a crafted package archive can write files outside the extraction directory, and that arbitrary file overwrite can be escalated to remote code execution on the scanning host.
You are affected if you are using GuardDog version 2.7.0 or earlier. Upgrade to 2.7.1 or later to mitigate the risk.
Upgrade to GuardDog version 2.7.1 or later. As a temporary workaround, restrict file system access or monitor for suspicious file modifications.
No active exploitation campaigns have been publicly reported, but the vulnerability's ease of exploitation warrants caution.
Refer to the GuardDog project's official security advisories and release notes for details: [https://github.com/guarddog-project/guarddog](https://github.com/guarddog-project/guarddog)