Skip to main content

Die Engine

1 CVEs product

Monthly

CVE-2026-43616 MEDIUM PATCH This Month

Path traversal in Detect-It-Easy archive extraction allows local attackers to write arbitrary files outside intended directories and achieve persistent code execution by overwriting user startup scripts. Affects all versions prior to 3.21. Exploitation requires user interaction to open a specially crafted archive file. Vendor-released patch available in version 3.21, with fixes applied across multiple repository components (DIE-engine, Formats, XArchive). No public exploit identified at time of analysis, though the vulnerability class is well-understood and exploitation techniques are documented.

Path Traversal RCE Die Engine
NVD GitHub VulDB
CVSS 4.0
6.8
EPSS
0.0%
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Path traversal in Detect-It-Easy archive extraction allows local attackers to write arbitrary files outside intended directories and achieve persistent code execution by overwriting user startup scripts. Affects all versions prior to 3.21. Exploitation requires user interaction to open a specially crafted archive file. Vendor-released patch available in version 3.21, with fixes applied across multiple repository components (DIE-engine, Formats, XArchive). No public exploit identified at time of analysis, though the vulnerability class is well-understood and exploitation techniques are documented.

Path Traversal RCE Die Engine
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy