CVE-2026-7774: Python tarfile Path Traversal on Azure

🟠 High | Source: Microsoft Security Response Center

CVE-2026-7774 is a path traversal vulnerability in Python’s tarfile module that allows an attacker to bypass the data_filter safety control, which is designed to prevent files from being extracted outside their intended directory. By crafting a malicious tar archive, an attacker could write files to arbitrary locations on the host filesystem. This is particularly concerning in cloud and containerised environments where tar extraction is commonly used in build pipelines, deployment scripts, and data ingestion workflows. ...

15 June 2025 · ZX Cloud Security
