CVE-2026-46383
Description
Microsoft APM is an open-source, community-driven dependency manager for AI agents. Before 0.13.0, APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe that apm install runs on the supported Python 3.10 and 3.11 runtimes. When apm install is given a local .tar.gz that is not recognized as a plugin-format bundle, APM probes whether it is a legacy --format apm bundle. On Python versions earlier than 3.12 that probe extracts untrusted tar members with a raw tar.extractall() call and does not reject Windows absolute member names such as D:/..., so a crafted bundle can place files outside the extraction directory on a Windows host. This vulnerability is fixed in 0.13.0.
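The following is an added example, not code from the APM project, showing the class of check the description says was missing: member-name validation that rejects Windows absolute forms (drive-letter and UNC paths, backslash separators) regardless of the host the probe runs on, plus a feature-detected fallback to tarfile's data filter. The bundle contents and member names are constructed here for illustration; the function names are assumptions, not APM's own.

```python
import io
import ntpath
import os
import posixpath
import tarfile
import tempfile


class UnsafeMemberError(ValueError):
    """Raised when an archive member could escape the extraction directory."""


def is_safe_member_name(name: str) -> bool:
    """True only if name is a plain relative path that stays below the
    extraction root on every platform, not just the one running this code.

    os.path.isabs('D:/x') is False on Linux, so a POSIX-only check would pass a
    member that lands on the D: drive once the same archive is extracted on
    Windows. Both posixpath and ntpath are consulted to close that gap.
    """
    if not name or "\x00" in name:
        return False
    # Backslashes are separators on Windows; treat them as such everywhere.
    normalized = name.replace("\\", "/")
    # Absolute on POSIX ('/etc/passwd') or Windows ('D:/x', '//server/share/x').
    if posixpath.isabs(normalized) or ntpath.isabs(normalized):
        return False
    # Drive-relative names such as 'D:x' are not absolute but still leave the root.
    drive, _ = ntpath.splitdrive(normalized)
    if drive:
        return False
    # Reject any '..' component, and any path that normalizes above the root.
    if ".." in normalized.split("/"):
        return False
    if posixpath.normpath(normalized).startswith(".."):
        return False
    return True


def check_members(tar: tarfile.TarFile, dest: str) -> list[str]:
    """Validate every member before anything is written; return the names seen."""
    root = os.path.realpath(dest)
    names = []
    for member in tar.getmembers():
        if not is_safe_member_name(member.name):
            raise UnsafeMemberError(f"refusing member name {member.name!r}")
        if member.issym() or member.islnk():
            # Link targets are a second escape channel; a format probe never needs them.
            raise UnsafeMemberError(f"refusing link member {member.name!r}")
        if not (member.isfile() or member.isdir()):
            raise UnsafeMemberError(f"refusing special member {member.name!r}")
        # Host-side containment check as a second line of defence.
        target = os.path.realpath(os.path.join(root, member.name))
        if os.path.commonpath([root, target]) != root:
            raise UnsafeMemberError(f"member {member.name!r} resolves outside {root!r}")
        names.append(member.name)
    return names


def safe_extractall(tar: tarfile.TarFile, dest: str) -> list[str]:
    """Extract only after validation; use tarfile's data filter where it exists.

    Feature detection is used rather than a version check: the filter API was
    also backported to 3.10.12+ and 3.11.4+ security releases (PEP 706).
    """
    names = check_members(tar, dest)
    if hasattr(tarfile, "data_filter"):
        tar.extractall(dest, filter="data")
    else:
        tar.extractall(dest)
    return names


def build_tar(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory .tar.gz with the given member names (constructed sample)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in entries.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed sample bundles: one benign, one carrying a Windows absolute member name.
SAFE_BUNDLE = build_tar({"bundle/apm.yml": b"name: demo\n"})
MALICIOUS_BUNDLE = build_tar({
    "bundle/apm.yml": b"name: demo\n",
    "D:/Users/Public/evil.txt": b"pwned\n",
})


def probe(bundle_bytes: bytes) -> str:
    """Mimic a legacy-bundle probe: extract into a scratch dir, report the outcome."""
    with tempfile.TemporaryDirectory() as dest:
        with tarfile.open(fileobj=io.BytesIO(bundle_bytes), mode="r:gz") as tar:
            try:
                names = safe_extractall(tar, dest)
            except UnsafeMemberError as exc:
                return f"rejected: {exc}"
            return "extracted: " + ", ".join(names)


if __name__ == "__main__":
    print(probe(SAFE_BUNDLE))
    print(probe(MALICIOUS_BUNDLE))
```

On a Linux host the raw extractall() in the vulnerable pattern would merely create dest/D:/Users/Public/evil.txt, which is why a test suite run only on POSIX does not notice the problem; the explicit ntpath checks above fail the same archive on every platform.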
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| apm-cli | PyPI | < 0.13.0 | 0.13.0 |
Patches
- github.com/microsoft/apm/commit/77d1dda8303c8d7ccb6148788a6274fdece98499
References
- github.com/advisories/GHSA-mq5j-pw29-jcv3 (GitHub advisory database)
- nvd.nist.gov/vuln/detail/CVE-2026-46383 (NVD)
- github.com/microsoft/apm/commit/77d1dda8303c8d7ccb6148788a6274fdece98499 (fix commit)
- github.com/microsoft/apm/releases/tag/v0.13.0 (patched release)
- github.com/microsoft/apm/security/advisories/GHSA-mq5j-pw29-jcv3 (repository security advisory)