CVE-2026-3067: Path Traversal in HummerRisk
A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the functions extractTarGZ and extractZip in the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads to path traversal. The attack can be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2026-3067 identifies a path traversal vulnerability in HummerRisk, specifically in the extractTarGZ and extractZip functions located in the hummer-common-core module. These functions handle archive extraction but fail to properly sanitize or validate file paths within the extracted archives. This allows an attacker to craft malicious .tar.gz or .zip archives containing file paths with directory traversal sequences (e.g., ../), enabling extraction of files outside the intended directory. The vulnerability can be exploited remotely without user interaction, requiring only low-level privileges, which lowers the barrier for exploitation. The impact includes unauthorized file creation or overwriting on the host system, potentially leading to integrity violations or denial of service if critical files are overwritten. The vulnerability has a CVSS 4.0 base score of 5.3, reflecting medium severity due to limited confidentiality impact but notable integrity and availability concerns. The vendor was notified but has not issued a patch or response, increasing the risk window. No known exploits are currently active in the wild, but public disclosure means attackers could develop exploits. The vulnerability affects all HummerRisk versions from 1.0 through 1.5.0, necessitating urgent attention from users of these versions.
Potential Impact
The path traversal vulnerability allows attackers to write arbitrary files outside the intended extraction directory, which can compromise system integrity by overwriting critical configuration or executable files. This could lead to unauthorized code execution if malicious files are placed in executable paths or disrupt normal operations by corrupting essential files, impacting availability. Confidentiality impact is limited as the vulnerability primarily concerns file write operations rather than read access. The ease of remote exploitation without user interaction and low privilege requirements increases the risk of widespread exploitation in environments where HummerRisk is deployed. Organizations relying on HummerRisk for risk management or related functions may face operational disruptions, potential data corruption, or escalation of privileges if combined with other vulnerabilities. The lack of vendor response and patch availability prolongs exposure, increasing the likelihood of exploitation attempts over time.
Mitigation Recommendations
Organizations should immediately audit their use of HummerRisk to identify affected versions (1.0 through 1.5.0) and restrict exposure by limiting network access to the application. As no official patch is available, implement strict input validation and sanitization on archive files before extraction, possibly by using external sandboxed extraction tools that enforce path normalization and prevent directory traversal. Monitor file system changes in directories used for archive extraction to detect suspicious activity. Employ application-layer firewalls or intrusion detection systems to identify and block malicious archive uploads or extraction attempts. Consider isolating HummerRisk in a container or virtual machine with limited file system permissions to contain potential damage. Maintain regular backups of critical files to enable recovery if overwriting occurs. Engage with the vendor for updates and monitor security advisories for patches or workarounds. Finally, educate administrators about the risks and signs of exploitation related to this vulnerability.
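As an added illustration of the path check the mitigations above call for (example code written for this page, not HummerRisk's own CommandUtils.java; the target directory /tmp/hummer-extract and the entry names are constructed, and POSIX-style paths are assumed), the following Java class normalizes each archive entry name against the extraction directory and rejects any entry that resolves outside it:

```java
import java.io.*;
import java.nio.file.*;
import java.util.*;
import java.util.zip.*;
// Added example (not HummerRisk code): vet archive entry names before extraction.
public final class SafeArchivePaths {
    // Resolve an entry name against the target directory and reject any entry
    // whose normalized path does not stay inside it. Absolute names and "../"
    // both fail; Path.startsWith compares whole components, so a sibling such
    // as "/srv/out-other" is not mistaken for a child of "/srv/out".
    public static Path resolveEntry(Path targetDir, String entryName) throws IOException {
        Path base = targetDir.toAbsolutePath().normalize();
        Path resolved = base.resolve(entryName).normalize();
        if (!resolved.startsWith(base)) {
            throw new IOException("archive entry escapes target directory: " + entryName);
        }
        return resolved;
    }
    // Walk a zip stream; return the resolved paths of entries that pass the check
    // and collect rejected names so the caller can log them rather than skip silently.
    public static List<Path> vetZip(byte[] zipBytes, Path targetDir, List<String> rejected) throws IOException {
        List<Path> accepted = new ArrayList<>();
        try (ZipInputStream in = new ZipInputStream(new ByteArrayInputStream(zipBytes))) {
            for (ZipEntry e = in.getNextEntry(); e != null; e = in.getNextEntry()) {
                try {
                    accepted.add(resolveEntry(targetDir, e.getName()));
                } catch (IOException ex) {
                    rejected.add(e.getName());
                }
            }
        }
        return accepted;
    }
    public static void main(String[] args) throws IOException {
        // Constructed sample archive: one benign entry, one "../" entry, one absolute entry.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ZipOutputStream out = new ZipOutputStream(buf)) {
            for (String name : new String[] {"reports/scan.json", "../../outside/config.yml", "/var/tmp/absolute.txt"}) {
                out.putNextEntry(new ZipEntry(name));
                out.closeEntry();
            }
        }
        List<String> rejected = new ArrayList<>();
        List<Path> ok = vetZip(buf.toByteArray(), Paths.get("/tmp/hummer-extract"), rejected);
        System.out.println("accepted=" + ok + " rejected=" + rejected);
    }
}
```

For tar archives the same check must be applied to the entry name and, for symbolic-link entries, to the link target as well, because a link that points outside the base directory lets a later entry be written through it. Rejected names are worth logging, since they are a direct signal of a crafted archive.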
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, India, Australia, Canada, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-02-23T18:51:08.121Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 699d1f63be58cf853b2dec75
Added to database: 2/24/2026, 3:47:47 AM
Last enriched: 3/4/2026, 1:57:58 AM
Last updated: 4/10/2026, 7:52:47 AM