Vulnerability-Lookup

CVE-2026-29780 (GCVE-0-2026-29780)

Vulnerability from cvelistv5 – Published: 2026-03-07 15:22 – Updated: 2026-03-09 18:26

Title

eml_parser: Path Traversal in Official Example Script Leading to Arbitrary File Write

Summary

eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursively_extract_attachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory. This issue has been patched in version 2.0.1.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/GOVCERT-LU/eml_parser/security…	x_refsource_CONFIRM
https://github.com/GOVCERT-LU/eml_parser/issues/88	x_refsource_MISC
https://github.com/GOVCERT-LU/eml_parser/commit/9…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
GOVCERT-LU	eml_parser	Affected: < 2.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-29780",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-09T17:52:36.051208Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-09T18:26:58.485Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "eml_parser",
          "vendor": "GOVCERT-LU",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursively_extract_attachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory. This issue has been patched in version 2.0.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-07T15:22:43.645Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5"
        },
        {
          "name": "https://github.com/GOVCERT-LU/eml_parser/issues/88",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/GOVCERT-LU/eml_parser/issues/88"
        },
        {
          "name": "https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9"
        }
      ],
      "source": {
        "advisory": "GHSA-389r-rccm-h3h5",
        "discovery": "UNKNOWN"
      },
      "title": "eml_parser: Path Traversal in Official Example Script Leading to Arbitrary File Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-29780",
    "datePublished": "2026-03-07T15:22:43.645Z",
    "dateReserved": "2026-03-04T16:26:02.898Z",
    "dateUpdated": "2026-03-09T18:26:58.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-29780",
      "date": "2026-06-03",
      "epss": "7e-05",
      "percentile": "0.00594"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-29780\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-07T16:15:55.113\",\"lastModified\":\"2026-03-11T22:02:41.573\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursively_extract_attachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory. This issue has been patched in version 2.0.1.\"},{\"lang\":\"es\",\"value\":\"eml_parser sirve como un m\u00f3dulo de Python para analizar archivos eml y devolver diversa informaci\u00f3n encontrada en el correo electr\u00f3nico, as\u00ed como informaci\u00f3n calculada. Antes de la versi\u00f3n 2.0.1, el script de ejemplo oficial examples/recursively_extract_attachments.py contiene una vulnerabilidad de salto de ruta que permite la escritura arbitraria de archivos fuera del directorio de salida previsto. Los nombres de archivo adjuntos extra\u00eddos de correos electr\u00f3nicos analizados se utilizan directamente para construir rutas de archivo de salida sin ninguna sanitizaci\u00f3n, permitiendo que un nombre de archivo controlado por el atacante escape del directorio de destino. Este problema ha sido parcheado en la versi\u00f3n 2.0.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:govcert.lu:eml_parser:*:*:*:*:*:python:*:*\",\"versionEndExcluding\":\"2.0.1\",\"matchCriteriaId\":\"4B9ABDC4-B6BF-4D8F-9DF1-6B3017C588C8\"}]}]}],\"references\":[{\"url\":\"https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/GOVCERT-LU/eml_parser/issues/88\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-29780\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-09T17:52:36.051208Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-09T17:52:37.702Z\"}}], \"cna\": {\"title\": \"eml_parser: Path Traversal in Official Example Script Leading to Arbitrary File Write\", \"source\": {\"advisory\": \"GHSA-389r-rccm-h3h5\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"GOVCERT-LU\", \"product\": \"eml_parser\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.0.1\"}]}], \"references\": [{\"url\": \"https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5\", \"name\": \"https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/GOVCERT-LU/eml_parser/issues/88\", \"name\": \"https://github.com/GOVCERT-LU/eml_parser/issues/88\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9\", \"name\": \"https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursively_extract_attachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory. This issue has been patched in version 2.0.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-07T15:22:43.645Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-29780\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-09T18:26:58.485Z\", \"dateReserved\": \"2026-03-04T16:26:02.898Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-07T15:22:43.645Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-29780

Vulnerability from fkie_nvd - Published: 2026-03-07 16:15 - Updated: 2026-03-11 22:02

Severity

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9	Patch
security-advisories@github.com	https://github.com/GOVCERT-LU/eml_parser/issues/88	Issue Tracking
security-advisories@github.com	https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5	Exploit, Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	govcert.lu	eml_parser	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:govcert.lu:eml_parser:*:*:*:*:*:python:*:*",
              "matchCriteriaId": "4B9ABDC4-B6BF-4D8F-9DF1-6B3017C588C8",
              "versionEndExcluding": "2.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "eml_parser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to version 2.0.1, the official example script examples/recursively_extract_attachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory. This issue has been patched in version 2.0.1."
    },
    {
      "lang": "es",
      "value": "eml_parser sirve como un m\u00f3dulo de Python para analizar archivos eml y devolver diversa informaci\u00f3n encontrada en el correo electr\u00f3nico, as\u00ed como informaci\u00f3n calculada. Antes de la versi\u00f3n 2.0.1, el script de ejemplo oficial examples/recursively_extract_attachments.py contiene una vulnerabilidad de salto de ruta que permite la escritura arbitraria de archivos fuera del directorio de salida previsto. Los nombres de archivo adjuntos extra\u00eddos de correos electr\u00f3nicos analizados se utilizan directamente para construir rutas de archivo de salida sin ninguna sanitizaci\u00f3n, permitiendo que un nombre de archivo controlado por el atacante escape del directorio de destino. Este problema ha sido parcheado en la versi\u00f3n 2.0.1."
    }
  ],
  "id": "CVE-2026-29780",
  "lastModified": "2026-03-11T22:02:41.573",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-07T16:15:55.113",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/GOVCERT-LU/eml_parser/issues/88"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GHSA-389R-RCCM-H3H5

Vulnerability from github – Published: 2026-03-05 00:16 – Updated: 2026-03-09 15:49

Summary

eml_parser: Path Traversal in Official Example Script Leads to Arbitrary File Write

Details

Summary

The official example script examples/recursively_extract_attachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory.

Details

File: examples/recursively_extract_attachments.py Lines: 61–64

for a in m['attachment']:
    out_filepath = out_path / a['filename']  # No sanitization
    print(f'\tWriting attachment: {out_filepath}')
    with out_filepath.open('wb') as a_out:
        a_out.write(base64.b64decode(a['raw']))

The value a['filename'] is attacker-controlled via crafted email attachment headers:

Content-Disposition: attachment; filename="../outside/pwned.txt"

No path normalization or boundary validation is performed before writing.

PoC

Create a malicious .eml file:

Content-Disposition: attachment; filename="../outside/pwned.txt"

Run the example script:

python recursively_extract_attachments.py -p ./emails -o ./safe

Expected: ./safe/pwned.txt
Actual: ./outside/pwned.txt ← written outside the intended directory

Verified on Kali Linux with eml_parser installed via pip in a virtual environment.

Impact

This vulnerability is limited to the example script only and does not affect the core eml_parser library. However, as the script is part of the official repository and is likely to be adapted for production use, an attacker supplying a crafted email could achieve arbitrary file write within the execution context.

Potential attack scenarios include: - Cron job injection: filename="../../etc/cron.d/backdoor" - Web shell upload: filename="../../var/www/html/shell.php" - SSH key injection: filename="../../home/user/.ssh/authorized_keys"

Recommended Fix

import os.path

for a in m['attachment']:
    filename = os.path.basename(a['filename'])
    out_filepath = out_path / filename

    if not out_filepath.resolve().is_relative_to(out_path.resolve()):
        print(f'[!] Skipping suspicious filename: {a["filename"]}')
        continue

    print(f'\tWriting attachment: {out_filepath}')
    with out_filepath.open('wb') as a_out:
        a_out.write(base64.b64decode(a['raw']))

Severity

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "eml-parser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-29780"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-05T00:16:57Z",
    "nvd_published_at": "2026-03-07T16:15:55Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nThe official example script `examples/recursively_extract_attachments.py` contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without any sanitization, allowing an attacker-controlled filename to escape the target directory.\n\n### Details\nFile: `examples/recursively_extract_attachments.py`\nLines: 61\u201364\n```python\nfor a in m[\u0027attachment\u0027]:\n    out_filepath = out_path / a[\u0027filename\u0027]  # No sanitization\n    print(f\u0027\\tWriting attachment: {out_filepath}\u0027)\n    with out_filepath.open(\u0027wb\u0027) as a_out:\n        a_out.write(base64.b64decode(a[\u0027raw\u0027]))\n```\n\nThe value `a[\u0027filename\u0027]` is attacker-controlled via crafted email attachment headers:\n```\nContent-Disposition: attachment; filename=\"../outside/pwned.txt\"\n```\n\nNo path normalization or boundary validation is performed before writing.\n\n### PoC\n1. Create a malicious `.eml` file:\n```\nContent-Disposition: attachment; filename=\"../outside/pwned.txt\"\n```\n2. Run the example script:\n```\npython recursively_extract_attachments.py -p ./emails -o ./safe\n```\n3. Expected: `./safe/pwned.txt`  \n4. Actual: `./outside/pwned.txt` \u2190 written outside the intended directory\n\nVerified on Kali Linux with eml_parser installed via pip in a virtual environment.\n\n### Impact\nThis vulnerability is limited to the **example script only** and does not affect the core eml_parser library. However, as the script is part of the official repository and is likely to be adapted for production use, an attacker supplying a crafted email could achieve arbitrary file write within the execution context.\n\nPotential attack scenarios include:\n- Cron job injection: `filename=\"../../etc/cron.d/backdoor\"`\n- Web shell upload: `filename=\"../../var/www/html/shell.php\"`\n- SSH key injection: `filename=\"../../home/user/.ssh/authorized_keys\"`\n\n### Recommended Fix\n```python\nimport os.path\n\nfor a in m[\u0027attachment\u0027]:\n    filename = os.path.basename(a[\u0027filename\u0027])\n    out_filepath = out_path / filename\n\n    if not out_filepath.resolve().is_relative_to(out_path.resolve()):\n        print(f\u0027[!] Skipping suspicious filename: {a[\"filename\"]}\u0027)\n        continue\n\n    print(f\u0027\\tWriting attachment: {out_filepath}\u0027)\n    with out_filepath.open(\u0027wb\u0027) as a_out:\n        a_out.write(base64.b64decode(a[\u0027raw\u0027]))\n```",
  "id": "GHSA-389r-rccm-h3h5",
  "modified": "2026-03-09T15:49:19Z",
  "published": "2026-03-05T00:16:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/GOVCERT-LU/eml_parser/security/advisories/GHSA-389r-rccm-h3h5"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29780"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GOVCERT-LU/eml_parser/issues/88"
    },
    {
      "type": "WEB",
      "url": "https://github.com/GOVCERT-LU/eml_parser/commit/99af03a09a90aaaaadd0ed2ffb5eea46d1ea2cc9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/GOVCERT-LU/eml_parser"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "eml_parser: Path Traversal in Official Example Script Leads to Arbitrary File Write"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-29780 (GCVE-0-2026-29780)

FKIE_CVE-2026-29780

GHSA-389R-RCCM-H3H5

Summary

Details

PoC

Impact

Recommended Fix

Tags

Sightings

Nomenclature