Description

Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the `--UNSAFE,--trust` flag. As it turns out, a safe template can currently write to arbitrary directories outside the destination path by using directory a symlink along with `_preserve_symlinks: true` and a generated directory structure whose rendered path is inside the symlinked directory. This way, a malicious template author can create a template that overwrites arbitrary files (according to the user's write permissions), e.g., to cause havoc. Version 9.11.2 patches the issue.

INFO

Published Date :

2026-01-21T22:20:37.720Z

Last Modified :

2026-01-22T16:49:26.426Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23986 vulnerability.

Vendors Products
Copier-org
  • Copier
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23986.

URL Resource
https://github.com/copier-org/copier/commit/b3a7b3772d17cf0e7a4481978188c9f536c8d8f6 cve-icon cve-icon
https://github.com/copier-org/copier/releases/tag/v9.11.2 cve-icon cve-icon
https://github.com/copier-org/copier/security/advisories/GHSA-4fqp-r85r-hxqh cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact