CVE-2026-21620

EUVD-2026-7742

20.02.2026, 11:15

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerability is associated with program files lib/tftp/src/tftp_file.erl, src/tftp_file.erl.

This issue affects otp: from 17.0, from 07b8f441ca711f9812fad9e9115bab3c3aa92f79; otp: from 5.10 before 7.0; otp: from 1.0.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
EEF	CNA	2.3 LOW	NETWORK	LOW	LOW	CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 9%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
erlang	otp	5.10 ≤ 𝑥 < 7.0	CNA

openSUSE / SLES Releases

openSUSE Product

Release

erlang

suse enterprise sap 15 SP4	23.3.4.19-150300.3.32.1 fixed
suse enterprise sap 15 SP5	23.3.4.19-150300.3.32.1 fixed
suse enterprise sap 15 SP6	23.3.4.19-150300.3.32.1 fixed
suse enterprise sap 15 SP7	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP4	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP5	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP6	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP7	23.3.4.19-150300.3.32.1 fixed

erlang-epmd

suse enterprise sap 15 SP4	23.3.4.19-150300.3.32.1 fixed
suse enterprise sap 15 SP5	23.3.4.19-150300.3.32.1 fixed
suse enterprise sap 15 SP6	23.3.4.19-150300.3.32.1 fixed
suse enterprise sap 15 SP7	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP4	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP5	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP6	23.3.4.19-150300.3.32.1 fixed
suse enterprise server 15 SP7	23.3.4.19-150300.3.32.1 fixed

Common Weakness Enumeration

CWE-23 - Relative Path Traversal
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Vulnerability Media Exposure

[GERMAN] Erlang/OTP: Schwachstelle ermöglicht Offenlegung von Informationen
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Erlang/OTP ausnutzen, um Informationen offenzulegen.
Published: 2026-02-22T23:00:00+00:00

References

https://cna.erlef.org/cves/CVE-2026-21620.html

https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e

https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344

https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a

https://github.com/erlang/otp/pull/10706

https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp

https://osv.dev/vulnerability/EEF-CVE-2026-21620

https://www.erlang.org/doc/system/versions.html#order-of-versions