
CVE-2026-21860: CWE-67: Improper Handling of Windows Device Names in pallets werkzeug

Severity: Medium
Published: Thu Jan 08 2026 (01/08/2026, 18:34:05 UTC)
Source: CVE Database V5
Vendor/Project: pallets
Product: werkzeug

Description

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safe_join function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc. that are implicitly present and readable in every directory. Windows still accepts them with any file extension, such as CON.txt, or with trailing spaces, such as "CON " (CON followed by a space). This issue has been patched in version 3.1.5.

AI-Powered Analysis

Last updated: 01/08/2026, 19:09:28 UTC

Technical Analysis

Werkzeug is a widely used WSGI web application library in Python environments. The vulnerability identified as CVE-2026-21860 (CWE-67) affects Werkzeug versions prior to 3.1.5 in its safe_join function, which is designed to securely join an untrusted path onto a trusted base directory. On Windows, certain device names such as CON, AUX, PRN, NUL, and others are reserved system devices that can be accessed implicitly from any directory. Windows also permits these device names to be used with file extensions or trailing spaces (e.g., CON.txt, or "CON " with a trailing space), and still resolves them to the device. Werkzeug's safe_join function did not reject these variants of the device names, so a crafted path segment could pass the intended path validation and normalization. This improper handling could allow an attacker to make the application open a special device file instead of a regular file, potentially leading to unexpected file access, denial of service, or other impacts depending on application logic. The vulnerability is exploitable remotely over the network without authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The reported impact is limited to availability (VA:L), with no confidentiality or integrity impact. The issue was patched in Werkzeug version 3.1.5, which rejects such Windows device name path segments. No public exploits have been observed, but the vulnerability poses a risk for Windows-hosted web applications using vulnerable Werkzeug versions.

Potential Impact

For European organizations, this vulnerability primarily affects web applications running on Windows servers that utilize Werkzeug versions prior to 3.1.5. Exploitation could allow attackers to bypass path validation mechanisms, potentially leading to unauthorized access or manipulation of special device files. This can result in denial of service conditions or unintended behavior in web applications, impacting availability. While confidentiality and integrity impacts are not explicitly noted, the ability to manipulate file paths could be leveraged in complex attack chains. Organizations relying on Werkzeug in Windows environments, especially those hosting critical web services, may face service disruptions or exploitation attempts. The medium severity rating reflects a moderate risk, but the absence of known exploits reduces immediate threat. However, given the common use of Werkzeug in Python web frameworks and the prevalence of Windows servers in enterprise environments, the vulnerability warrants prompt remediation to prevent potential exploitation.

Mitigation Recommendations

1. Upgrade Werkzeug to version 3.1.5 or later immediately to apply the official patch that correctly handles Windows device names in path segments.
2. Audit all Python web applications running on Windows servers to identify usage of Werkzeug and verify versions.
3. Implement additional input validation and sanitization on file path parameters at the application level to detect and reject suspicious device name patterns (e.g., CON, AUX, PRN) with extensions or trailing spaces.
4. Employ runtime application self-protection (RASP) or web application firewalls (WAFs) configured to detect and block requests containing Windows device names in path inputs.
5. Monitor application logs for unusual file access attempts involving reserved device names.
6. Educate development teams about Windows-specific path handling quirks and the importance of secure path joining functions.
7. Consider isolating Windows-hosted web applications in hardened environments with strict access controls to limit impact if exploitation occurs.
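The following is an added example of the application-level check described in the Technical Analysis and in mitigation step 3; it is not Werkzeug's own safe_join or its 3.1.5 fix. It applies the rule the advisory describes (the reserved name is matched on the text before the first dot, with trailing spaces ignored) to every segment of a user-supplied relative path. The reserved-name list, the function names and the rejection of drive letters and NTFS stream colons are this example's own assumptions.

```python
import posixpath
from typing import Optional

# Windows reserved device names. Constructed list for this example: the
# names the advisory mentions (CON, AUX, PRN, NUL) plus the port devices.
RESERVED_DEVICE_NAMES = (
    {"CON", "PRN", "AUX", "NUL"}
    | {f"COM{i}" for i in range(1, 10)}
    | {f"LPT{i}" for i in range(1, 10)}
)


def is_reserved_device_name(segment: str) -> bool:
    """True if a single path segment would resolve to a Windows device.

    Windows matches the reserved name on the part before the first dot and
    ignores trailing spaces, so "CON.txt", "con " and "AUX .log" all name
    the device rather than a file in the directory.
    """
    base = segment.partition(".")[0].rstrip(" ")
    return base.upper() in RESERVED_DEVICE_NAMES


def validate_relative_path(user_path: str) -> Optional[str]:
    """Return a normalised relative path, or None if the input must be rejected.

    Rejects absolute paths, drive letters / NTFS streams (':'), parent
    traversal ('..') and any segment that names a Windows device.
    Hypothetical helper for the application-level check; not Werkzeug code.
    """
    # Windows accepts backslashes as separators, so treat them as '/'.
    normalised = user_path.replace("\\", "/")
    if normalised.startswith("/") or ":" in normalised:
        return None
    clean_parts = []
    for part in normalised.split("/"):
        if part in ("", "."):
            continue  # empty or current-directory segments carry no meaning
        if part == ".." or is_reserved_device_name(part):
            return None
        clean_parts.append(part)
    return posixpath.join(*clean_parts) if clean_parts else ""
```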


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-01-05T16:44:16.367Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 695ffd5601d35e5d0c85d733

Added to database: 1/8/2026, 6:54:14 PM

Last enriched: 1/8/2026, 7:09:28 PM

Last updated: 1/9/2026, 12:13:57 PM

