
CVE-2026-23950: CWE-176: Improper Handling of Unicode Encoding in isaacs node-tar

Severity: High
Tags: CVE-2026-23950, cwe-176, cwe-352, cwe-367
Published: Tue Jan 20 2026 (01/20/2026, 00:40:48 UTC)
Source: CVE Database V5
Vendor/Project: isaacs
Product: node-tar

Description

node-tar, a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3. This is due to an incomplete handling of Unicode path collisions in the `path-reservations` system. On case-insensitive or normalization-insensitive filesystems (such as macOS APFS, in which it has been tested), the library fails to lock colliding paths (e.g., `ß` and `ss`), allowing them to be processed in parallel. This bypasses the library's internal concurrency safeguards and permits Symlink Poisoning attacks via race conditions. The library uses a `PathReservations` system to ensure that metadata checks and file operations for the same path are serialized. This prevents race conditions where one entry might clobber another concurrently. This is a Race Condition which enables Arbitrary File Overwrite. This vulnerability affects users and systems using node-tar on macOS (APFS/HFS+). Because of using `NFD` Unicode normalization (in which `ß` and `ss` are different), conflicting paths do not have their order properly preserved under filesystems that ignore Unicode normalization (e.g., APFS, in which `ß` causes an inode collision with `ss`). This enables an attacker to circumvent internal parallelization locks (`PathReservations`) using conflicting filenames within a malicious tar archive. The patch in version 7.5.4 updates `path-reservations.js` to use a normalization form that matches the target filesystem's behavior (e.g., `NFKD`), followed by first `toLocaleLowerCase('en')` and then `toLocaleUpperCase('en')`. As a workaround, users who cannot upgrade promptly, and who are programmatically using `node-tar` to extract arbitrary tarball data, should filter out all `SymbolicLink` entries (as npm does) to defend against arbitrary file writes via this file system entry name collision issue.

AI-Powered Analysis

AI analysis last updated: 01/27/2026, 20:04:04 UTC

Technical Analysis

CVE-2026-23950 is a race condition vulnerability in the isaacs node-tar library, affecting all versions up to and including 7.5.3. The root cause is incomplete handling of Unicode path collisions within the library's internal path-reservation system, which is designed to serialize file operations on the same path to prevent race conditions. On filesystems that are case-insensitive or normalization-insensitive, such as macOS APFS and HFS+, names that are distinct code point sequences (e.g., the German sharp s 'ß' and the sequence 'ss') can be folded to the same directory entry, so two archive paths resolve to one inode. Node-tar derives its reservation key with Unicode Normalization Form D (NFD), under which these names remain distinct, so the library's view of "same path" does not match the filesystem's. This mismatch allows conflicting paths to bypass the path-reservation locks, enabling concurrent processing of entries that should be serialized. An attacker can craft a malicious tar archive containing symbolic links with colliding Unicode paths to exploit this race condition, resulting in arbitrary file overwrites (Symlink Poisoning). This can compromise system integrity and potentially lead to code execution or data corruption. The vulnerability requires user interaction (extracting a malicious tarball) but no privileges or authentication. The patch in version 7.5.4 changes the key derivation to Normalization Form KD (NFKD), followed by locale-aware lowercasing and then uppercasing, so that names the filesystem folds together also share one reservation key, restoring proper locking. As a temporary mitigation, filtering out symbolic link entries during extraction can reduce risk. No known exploits are currently reported in the wild, but the high CVSS score (8.8) indicates significant risk if exploited.
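To make the key mismatch concrete, the following added example (not node-tar's own `path-reservations.js`, whose real key function may include further steps such as path splitting) models the two reservation keys the advisory describes: NFD only for versions up to 7.5.3, and NFKD followed by `toLocaleLowerCase('en')` and `toLocaleUpperCase('en')` for the 7.5.4 fix. The path pairs are constructed for illustration; it also goes slightly beyond the advisory's `ß`/`ss` case to show why both case-mapping steps are used.

```javascript
// Added example, not code from node-tar. The two key functions are modelled on
// the advisory's description of the pre-7.5.4 and 7.5.4 behaviour (assumption:
// the real implementation may apply additional steps).

// Reservation key as described for versions <= 7.5.3: NFD only.
function reservationKeyNFD(p) {
  return p.normalize('NFD');
}

// Reservation key as described for the 7.5.4 fix.
function reservationKeyFixed(p) {
  return p.normalize('NFKD').toLocaleLowerCase('en').toLocaleUpperCase('en');
}

// True when the reservation system would serialize operations on a and b.
function collides(keyFn, a, b) {
  return keyFn(a) === keyFn(b);
}

// Constructed archive path pairs. A filesystem that is case-insensitive and
// normalization-insensitive (the advisory names APFS/HFS+) folds each pair onto
// one entry; the question is whether the reservation key does too.
const PATH_PAIRS = [
  ['straße/x', 'strasse/x'],       // sharp s vs ss (the advisory's example)
  ['Caf\u00e9', 'Cafe\u0301'],     // precomposed vs decomposed e-acute
  ['README', 'readme'],            // plain case difference
  ['\u1e9e', 'ss'],                // capital sharp s: lowercases to ß, which uppercases to SS
];

// For each pair, report whether the old and the fixed key collide.
function report() {
  return PATH_PAIRS.map(([a, b]) => ({
    a,
    b,
    nfd: collides(reservationKeyNFD, a, b),
    fixed: collides(reservationKeyFixed, a, b),
  }));
}

for (const row of report()) {
  console.log(`${JSON.stringify(row.a)} vs ${JSON.stringify(row.b)}: NFD key collides=${row.nfd}, fixed key collides=${row.fixed}`);
}
```

The lowercase-then-uppercase order matters: `'ß'` is already lowercase and only the uppercase mapping expands it to `'SS'`, while the capital sharp s (U+1E9E) is unchanged by uppercasing alone and only reaches `'SS'` after first being lowercased to `'ß'`. Under the NFD-only key the `ß`/`ss` and `README`/`readme` pairs get different keys, so their entries are not serialized even though they land on the same inode.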

Potential Impact

For European organizations, this vulnerability poses a significant risk especially to those using node-tar in macOS environments for software development, CI/CD pipelines, or automated deployment systems. Successful exploitation can lead to arbitrary file overwrites, potentially allowing attackers to modify critical files, inject malicious code, or disrupt application behavior. This undermines system integrity and could facilitate further attacks such as privilege escalation or persistent compromise. Organizations relying on macOS workstations or servers for build and deployment processes are particularly vulnerable. The impact extends to supply chain security, as malicious tarballs could be introduced via third-party dependencies or compromised package sources. Data confidentiality is moderately affected since the vulnerability primarily targets integrity and availability, but indirect data exposure could occur through subsequent exploitation. The requirement for user interaction (extracting a tarball) means social engineering or compromised repositories are likely attack vectors. Given the widespread use of Node.js and node-tar in European software ecosystems, the vulnerability could affect a broad range of sectors including finance, technology, and government.

Mitigation Recommendations

The primary mitigation is to upgrade node-tar to version 7.5.4 or later, which includes the patch aligning Unicode normalization with filesystem behavior and restoring proper path-reservation locking. For organizations unable to upgrade immediately, it is critical to implement programmatic filtering to exclude symbolic link entries during tarball extraction, as symbolic links are the main vector for arbitrary file overwrite exploitation. Additionally, organizations should enforce strict validation and integrity checks on tarball sources, employing cryptographic signatures or checksums to prevent malicious archives from being processed. Running extraction processes with least privilege and within sandboxed or containerized environments can limit the impact of potential exploitation. Monitoring file system changes and employing host-based intrusion detection systems can help detect suspicious activity related to file overwrites. Educating developers and DevOps teams about the risks of extracting untrusted tarballs and encouraging the use of vetted package sources further reduces exposure. Finally, organizations should audit their CI/CD pipelines and build systems to identify and remediate any use of vulnerable node-tar versions on macOS hosts.
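The advisory's interim workaround is to drop `SymbolicLink` entries at extraction time. The following added example (not npm's or node-tar's own code) shows a `filter` callback in the shape node-tar's extract options accept, `filter(path, entry)` returning `false` to skip an entry, together with a small harness that applies it to constructed entry objects so the kept and skipped paths can be checked and logged. The entry shape (`type`, `path`, `linkpath`) follows node-tar's `ReadEntry`; the `tar.x` call is shown in a comment only because it needs the package installed.

```javascript
// Added example, not code from node-tar or npm. Implements the advisory's
// workaround of rejecting SymbolicLink entries for versions <= 7.5.3.

// Filter callback in the shape node-tar's extract option expects:
// filter(path, entry) -> boolean; returning false skips the entry.
function rejectSymlinks(path, entry) {
  return entry.type !== 'SymbolicLink';
}

// Usage with node-tar (not executed here; requires the package):
//   const tar = require('tar');
//   await tar.x({ file: 'untrusted.tgz', cwd: destDir, filter: rejectSymlinks });

// Apply a filter to a list of entries and return an audit record of what was
// kept and what was skipped, so the decision can be logged by the caller.
function applyFilter(entries, filter = rejectSymlinks) {
  const kept = [];
  const skipped = [];
  for (const entry of entries) {
    if (filter(entry.path, entry)) {
      kept.push(entry.path);
    } else {
      skipped.push({ path: entry.path, type: entry.type, linkpath: entry.linkpath });
    }
  }
  return { kept, skipped };
}

// Constructed sample entries, shaped like node-tar ReadEntry objects. The
// symlink and the file use names that a normalization-insensitive filesystem
// folds together (the collision the advisory describes); the link target is a
// placeholder.
const SAMPLE_ENTRIES = [
  { path: 'pkg/README.md', type: 'File' },
  { path: 'pkg/lib/', type: 'Directory' },
  { path: 'pkg/straße', type: 'SymbolicLink', linkpath: 'constructed/target' },
  { path: 'pkg/strasse/data.txt', type: 'File' },
];

const result = applyFilter(SAMPLE_ENTRIES);
console.log('kept:', result.kept);
console.log('skipped:', result.skipped);
```

Rejecting the symlink removes the entry that would redirect the later write, so the colliding `File` entry is extracted into a real directory instead. Log the skipped entries: in a CI pipeline, a tarball that ships symlinks where none are expected is itself worth an alert.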


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-01-19T14:49:06.312Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 696ed8794623b1157ce40bb5

Added to database: 1/20/2026, 1:20:57 AM

Last enriched: 1/27/2026, 8:04:04 PM

Last updated: 2/7/2026, 6:33:43 AM

Views: 879
