Path Traversal in Openziti Zrok

CVE-2026-45576

zrok is software for sharing web services, files, and network resources. From 0.4.23 until 2.0.3, `zrok2 copy` stores attacker-controlled WebDAV or zrok drive paths such as /../outside.txt in the source inventory and passes them to Filesys…

Vulnerability class: Path Traversal (Directory Traversal)

Affected products

Weakness classification (CWE)

References