1. Critical Zip-Slip Path Traversal Vulnerability in Plugin Installation Allows Arbitrary File Overwrite
A critical path traversal vulnerability has been disclosed in the plugin installation mechanism, where files are written to paths constructed from registry-supplied filenames without validating that destinations remain within the intended plugin directory. The flaw, classified as a zip-slip vulnerability, could allow a...