Description

Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user can read into the uploads directory during import. This issue has been patched in version 11.6.

INFO

Published Date :

2026-04-03T20:59:08.941Z

Last Modified :

2026-04-06T13:11:57.089Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-26058 vulnerability.

Vendors Products
Zulip
  • Zulip
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-26058.

URL Resource
https://github.com/zulip/zulip/commit/2df49e7750ce3fc49ef1d44b1c4ece654d4b754c cve-icon cve-icon
https://github.com/zulip/zulip/security/advisories/GHSA-xm5c-c6mp-3956 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact