Vulnerability in Pallets Werkzeug

CVE-2026-27199

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, bu…

EPSS: 0.000 (8.2th percentile) — read the EPSS interpretation.

Affected products

Pallets Werkzeug — versions < 3.1.6

Weakness classification (CWE)

CWE-67

References

https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x (x_refsource_CONFIRM)
https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d (x_refsource_MISC)
https://github.com/pallets/werkzeug/releases/tag/3.1.6 (x_refsource_MISC)