CVE-2026-29064
📋 TL;DR
A path traversal vulnerability in Zarf's archive extraction allows malicious packages to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the host system. This affects Zarf users processing untrusted packages from version 0.54.0 to before 0.73.1. Attackers could compromise the system processing Zarf packages.
💻 Affected Systems
- Zarf
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise via arbitrary file write leading to remote code execution, data exfiltration, or complete system takeover.
Likely Case
Unauthorized file access or modification, potentially leading to credential theft, configuration tampering, or data corruption.
If Mitigated
Limited impact if only trusted packages are processed and proper file permissions restrict damage scope.
🎯 Exploit Status
Exploitation requires creating a malicious Zarf package with crafted symlinks. No authentication bypass needed beyond package processing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.73.1
Vendor Advisory: https://github.com/zarf-dev/zarf/security/advisories/GHSA-hcm4-6hpj-vghm
Restart Required: No
Instructions:
1. Update Zarf to version 0.73.1 or later using your package manager.
2. Verify the update with 'zarf version'.
3. No restart required as this is a CLI tool fix.
🔧 Temporary Workarounds
Restrict package sources (all platforms)
Only process Zarf packages from trusted, verified sources. Implement package signing verification if available.
Run in restricted environment (Linux)
Process Zarf packages in isolated containers or VMs with limited filesystem access.
docker run --read-only -v /safe/path:/extract alpine
🧯 If You Can't Patch
- Implement strict package source validation and only use packages from trusted repositories.
- Run Zarf package processing in isolated environments with minimal filesystem permissions.
🔍 How to Verify
Check if Vulnerable:
Run 'zarf version' and check if version is between 0.54.0 and 0.73.0 (inclusive).
Check Version:
zarf version
Verify Fix Applied:
Run 'zarf version' and confirm version is 0.73.1 or higher.
📡 Detection & Monitoring
Log Indicators:
- Unexpected symlink creation during package extraction
- File access outside expected extraction directory
Network Indicators:
- Downloads of Zarf packages from untrusted sources
SIEM Query:
Process execution of zarf with arguments containing package operations, followed by file creation events outside expected paths.
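The following Go program is an added example, not Zarf's own code and not part of the advisory. It illustrates the two defensive checks this page talks about: the TL;DR describes symlink entries whose targets resolve outside the destination directory, so SafeSymlinkTarget is a pre-extraction check for one archive entry that resolves the link the way tar extraction would (relative targets from the entry's own directory, absolute targets as-is) and rejects it if either the entry path or the resolved target leaves the destination; the Detection section lists "unexpected symlink creation during package extraction" and "file access outside expected extraction directory" as indicators, so AuditSymlinks walks an already-extracted tree and reports every symlink whose fully resolved location lies outside it. Function names, the sample paths in main and the temporary-directory layout are assumptions for illustration, and the code assumes POSIX path semantics.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// ErrEscape is returned when an archive entry or a symlink target would land
// outside the extraction directory.
var ErrEscape = errors.New("path escapes extraction directory")

// within reports whether p (absolute and cleaned) is root itself or lies
// beneath it. A bare string-prefix test is not enough: "/extract2" must not
// count as inside "/extract", hence the separator check.
func within(root, p string) bool {
	return p == root || strings.HasPrefix(p, root+string(filepath.Separator))
}

// SafeSymlinkTarget is a pre-extraction check for one archive entry called
// name that is a symlink pointing at target. Both the entry's own path and
// the resolved target must stay under dest. The check is purely lexical (no
// filesystem access), which is what you want before anything is written.
func SafeSymlinkTarget(dest, name, target string) error {
	dest, err := filepath.Abs(dest) // absolute so that within() is meaningful
	if err != nil {
		return err
	}
	entry := filepath.Join(dest, name) // Join cleans, so ".." in name collapses here
	if !within(dest, entry) {
		return fmt.Errorf("%w: entry %q", ErrEscape, name)
	}
	var resolved string
	if filepath.IsAbs(target) {
		resolved = filepath.Clean(target)
	} else {
		// tar resolves a relative link target against the link's directory.
		resolved = filepath.Join(filepath.Dir(entry), target)
	}
	if !within(dest, resolved) {
		return fmt.Errorf("%w: %q -> %q resolves to %q", ErrEscape, name, target, resolved)
	}
	return nil
}

// Finding is one symlink that the post-extraction audit flagged.
type Finding struct {
	Path     string // the symlink as found under root
	Resolved string // where it actually points after following every hop
	Reason   string // "outside root" or the resolution error
}

// AuditSymlinks walks an extracted tree and returns every symlink whose fully
// resolved location is outside root, plus links that cannot be resolved at
// all (dangling links, worth a look too). Unlike the lexical check above it
// follows chains, so a link to a link that together leave root is caught.
func AuditSymlinks(root string) ([]Finding, error) {
	realRoot, err := filepath.EvalSymlinks(root) // root itself may sit behind a link
	if err != nil {
		return nil, err
	}
	if realRoot, err = filepath.Abs(realRoot); err != nil {
		return nil, err
	}
	var findings []Finding
	// WalkDir uses lstat, so it does not descend into symlinked directories.
	err = filepath.WalkDir(root, func(path string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		if d.Type()&fs.ModeSymlink == 0 {
			return nil
		}
		resolved, err := filepath.EvalSymlinks(path)
		if err != nil {
			findings = append(findings, Finding{Path: path, Reason: err.Error()})
			return nil
		}
		if resolved, err = filepath.Abs(resolved); err != nil {
			return err
		}
		if !within(realRoot, resolved) {
			findings = append(findings, Finding{Path: path, Resolved: resolved, Reason: "outside root"})
		}
		return nil
	})
	return findings, err
}

func main() {
	// Constructed sample entries, as an archive scanner would hand them over.
	for _, e := range [][3]string{
		{"/extract", "bin/tool", "../lib/real"},       // stays inside: allowed
		{"/extract", "bin/tool", "../../etc/passwd"},  // climbs out: rejected
		{"/extract", "link", "/etc/shadow"},           // absolute target: rejected
	} {
		fmt.Printf("%s -> %s: %v\n", e[1], e[2], SafeSymlinkTarget(e[0], e[1], e[2]))
	}
	// Audit a constructed tree in a temporary directory.
	root, _ := os.MkdirTemp("", "audit")
	defer os.RemoveAll(root)
	_ = os.WriteFile(filepath.Join(root, "a.txt"), []byte("x"), 0o644)
	_ = os.Symlink("a.txt", filepath.Join(root, "good"))
	_ = os.Symlink(filepath.Dir(root), filepath.Join(root, "bad"))
	findings, _ := AuditSymlinks(root)
	fmt.Printf("%+v\n", findings)
}
```

The per-entry check runs before any file is written and needs no filesystem, but because it is lexical it cannot see a chain that passes through a link extracted earlier; the audit closes that gap by resolving with EvalSymlinks after extraction. For the log indicators above, the audit's output is the concrete list of links that point outside the extraction directory.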