{"uuid": "3114f2f7-b9ee-4f1c-b85c-7149b86dbf2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-46703", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116728884364901430", "content": "\ud83d\udea8 CRITICAL vuln in boxlite-ai Boxlite (<0.9.0): Malicious OCI images can exploit CWE-22 path traversal to write files anywhere on the host, leading to potential RCE. Upgrade to v0.9.0 ASAP. CVE-2026-46703. https://radar.offseq.com/threat/cve-2026-46703-cwe-22-improper-limitation-of-a-pat-fb9f1664 #OffSeq #CVE202646703 #ContainerSecurity", "creation_timestamp": "2026-06-11T07:04:43.279040Z"}