This page collects WhisperX intelligence signals tagged #arbitrary-file-write. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical path traversal vulnerability in Go's internal archive utility tool allows malicious archives to write files to arbitrary filesystem locations. The flaw, tracked as CVE-2026-39817 and now publicly disclosed, affects the `go tool pack` subcommand—a stripped-down archive handler used primarily as an internal co...
A path traversal vulnerability in setuptools' PackageIndex.download function allows remote attackers to write files to arbitrary locations on a target system. The flaw, tracked as CVE-2025-47273 and assigned GHSA-5rjg-fvgr-3xxf, was addressed in version 78.1.1, prompting an urgent dependency update from the prior v70.0...