VYPR
High severity7.3NVD Advisory· Published Apr 16, 2026· Updated Jun 16, 2026

CVE-2026-41082

CVE-2026-41082

Description

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.