Skip to content

CVE lookup

CVE-2026-42574

Pruva has a verified reproduction for CVE-2026-42574: apko: symlink-following path traversal writes files outside the build root. The canonical evidence record is REPRO-2026-00152.

REPRO

REPRO-2026-00152

Package

apko · go

Severity

HIGH

Status

published