CVE-2026-11940
Status: Received - Intake
Path Traversal in Python tarfile via Hardlink-Symlink Bypass

Publication date: 2026-06-23

Last updated on: 2026-06-23

Assigner: Python Software Foundation

Description
tarfile.extractall() with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at its archived location but recreated it at the hardlink's shallower path, letting a relative target the filter judged contained escape the destination directory. This allowed a malicious tar archive to create a symlink pointing outside the destination, enabling out-of-destination file reads or writes. This was an incomplete fix of CVE-2025-4330.
CVSS Scores: none listed
EPSS Scores: not evaluated (N/A)
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
python cpython 3.10
python cpython 3.11
python cpython 3.12
python cpython 3.13
python cpython 3.14
python cpython 3.15
python cpython 3.16
CWE ID Description
CWE-59 The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Executive Summary

CVE-2026-11940 is a security vulnerability in Python's tarfile module, specifically in the extractall() function when used with the 'data' or 'tar' filter.

The vulnerability arises because a crafted tar archive can contain a hardlink whose target is a symlink stored at a deeper path than the hardlink itself.

During extraction, the hardlink fallback validates the symlink at its archived location but recreates it at the hardlink's shallower path. A relative target (for example a chain of `../` components) that still resolves inside the destination when evaluated from the deep path resolves outside it when evaluated from the shallow path, so the filter's containment check is bypassed without the symlink target ever looking suspicious on its own.

As a result, a malicious tar archive can create a symlink pointing outside the destination directory, enabling unauthorized file reads or writes outside the extraction target.

This vulnerability is an incomplete fix of a previous issue identified as CVE-2025-4330.

Impact Analysis

This vulnerability can allow an attacker to craft a malicious tar archive that, when extracted, creates symlinks pointing outside the intended extraction directory.

Such behavior can lead to unauthorized file reads or writes outside the destination directory, potentially overwriting or exposing sensitive files on the system.

Because the extraction process bypasses intended directory containment, it can be exploited to compromise system integrity or confidentiality.

Mitigation Strategies

To mitigate this vulnerability, update your Python environment to a version where the fix has been applied. The patch addressing CVE-2026-11940 was merged on June 23, 2026, and backports are available for Python versions 3.10 through 3.15.

Avoid extracting tar archives using tarfile.extractall() with the 'data' or 'tar' filter from untrusted sources until the fix is applied, as the vulnerability allows crafted archives to create symlinks pointing outside the extraction directory.

Compliance Impact

CVE-2026-11940 allows a malicious tar archive to create symlinks pointing outside the intended extraction directory, potentially enabling unauthorized file reads or writes outside the destination directory.

Such unauthorized file access or modification could lead to data breaches or exposure of sensitive information, which may impact compliance with data protection regulations like GDPR or HIPAA that require safeguarding personal and sensitive data.

Therefore, if an application using the vulnerable Python tarfile module extracts untrusted archives, it could inadvertently violate these standards by allowing attackers to access or alter protected data outside the intended scope.

Detection Guidance

Detection of CVE-2026-11940 involves identifying attempts to extract malicious tar archives that exploit the symlink escape vulnerability in Python's tarfile module. The indicator is a hardlink member whose target is a symlink member stored at a deeper path, where the symlink's relative target is contained at the symlink's own location but would escape the destination once the link is recreated at the hardlink's shallower path.

A practical reference for detection is the test case added to the Python source tree for this issue, `test_sneaky_hardlink_fallback_deep`. It reproduces the attack scenario and can serve as the model for detection scripts or tools.

This is a file-parsing issue rather than a network one, so there are no network indicators to monitor; instead, monitor for extraction of tar archives containing suspicious hardlink and symlink combinations. An archive can be inspected before extraction with:

  • tar -tvf suspicious_archive.tar
  • In the listing, hardlinks carry the type character 'h' and are shown as "name link to target"; symlinks carry 'l' and are shown as "name -> target". Look for a hardlink whose target is a symlink entry at a deeper path than the hardlink, especially when that symlink's target is a relative path containing '..' components.

Additionally, you can use Python scripts to attempt extraction with `tarfile.extractall()` and the 'data' or 'tar' filter into a throwaway directory and observe whether a symlink is created that resolves outside that directory, which indicates a vulnerable interpreter.
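As an added illustration of the mechanism described in the Executive Summary and of the Python-based inspection suggested above, the following scanner is example code written for this page; it is not part of CPython, its test suite, or the advisory. It re-implements the containment question the filters ask (does a symlink at path P with target T resolve outside the extraction root?) and asks it twice for every hardlink whose target is a symlink: once at the symlink's archived path and once at the hardlink's path. The sample archive is constructed in memory; its member names, the `../../../outside` target, and the assumption that the fallback is reached when the hardlink is listed before its target are all choices made for this example.

```python
import io
import posixpath
import tarfile


def symlink_escapes(link_path: str, target: str) -> bool:
    """True if a symlink created at link_path (POSIX path relative to the
    extraction root) with the given target would resolve outside that root.
    This mirrors the containment check the 'data'/'tar' filters perform, but
    lets us evaluate it for any location, not only the archived one."""
    if posixpath.isabs(target):
        return True
    resolved = posixpath.normpath(
        posixpath.join(posixpath.dirname(link_path), target)
    )
    return resolved == ".." or resolved.startswith("../")


def find_sneaky_hardlinks(tf: tarfile.TarFile) -> list:
    """Report hardlink members whose target member is a symlink and whose
    symlink target escapes the root once the symlink is recreated at the
    hardlink's path. contained_at_origin records whether the filter would
    have accepted the symlink at its own archived path."""
    by_name = {m.name: m for m in tf.getmembers()}
    findings = []
    for member in tf.getmembers():
        if not member.islnk():
            continue
        target = by_name.get(member.linkname)
        if target is None or not target.issym():
            continue
        contained_at_origin = not symlink_escapes(target.name, target.linkname)
        if symlink_escapes(member.name, target.linkname):
            findings.append({
                "hardlink": member.name,
                "symlink": target.name,
                "symlink_target": target.linkname,
                "contained_at_origin": contained_at_origin,
            })
    return findings


def scan_tar_bytes(data: bytes) -> list:
    """Scan an in-memory archive (read-only; nothing is extracted)."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tf:
        return find_sneaky_hardlinks(tf)


def build_sample_archive() -> bytes:
    """Constructed sample archive for this example (not a real capture)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        # Benign regular file plus a benign hardlink to it: must not be flagged.
        payload = b"hello\n"
        reg = tarfile.TarInfo("deep/a/b/file.txt")
        reg.size = len(payload)
        tf.addfile(reg, io.BytesIO(payload))
        ok_link = tarfile.TarInfo("file_copy.txt")
        ok_link.type = tarfile.LNKTYPE
        ok_link.linkname = "deep/a/b/file.txt"
        tf.addfile(ok_link)

        # Shallow hardlink whose target is the deep symlink below. It is listed
        # first so the target does not yet exist on disk during extraction,
        # which is assumed here to be what sends extraction into the fallback.
        sneaky = tarfile.TarInfo("link")
        sneaky.type = tarfile.LNKTYPE
        sneaky.linkname = "deep/a/b/link"
        tf.addfile(sneaky)

        # Deep symlink: deep/a/b/../../../outside normalises to "outside",
        # which is inside the root, but the same target recreated at "link"
        # becomes ../../../outside, which is not.
        sym = tarfile.TarInfo("deep/a/b/link")
        sym.type = tarfile.SYMTYPE
        sym.linkname = "../../../outside"
        tf.addfile(sym)
    return buf.getvalue()


if __name__ == "__main__":
    for finding in scan_tar_bytes(build_sample_archive()):
        print(finding)
```

Run against a real archive with `scan_tar_bytes(open(path, "rb").read())`; a finding with `contained_at_origin` set to True is exactly the combination the filters accept but the fallback mishandles, while a finding with it set to False would have been rejected by the filter at the symlink's own path anyway.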

For automated detection, reviewing logs or alerts for unexpected file writes outside extraction directories during tar extraction processes may help identify exploitation attempts.
