Moderate severityNVD Advisory· Published Mar 19, 2026· Updated Mar 24, 2026
CVE-2026-3029
CVE-2026-3029
Description
A path traversal and arbitrary file write vulnerability exist in the embedded get function in '_main_.py' in PyMuPDF version, 1.26.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
PyMuPDFPyPI | >= 1.26.5, < 1.26.7 | 1.26.7 |
Affected products
3- ghsa-coords2 versions
>= 1.26.5, < 1.26.7+ 1 more
- (no CPE)range: >= 1.26.5, < 1.26.7
- (no CPE)range: < 1.27.2.2-1.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.