CVE-2026-44307

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-44307
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-44307.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-44307
Aliases
Downstream
Related
Published
2026-05-12T21:53:52.826Z
Modified
2026-06-18T03:56:28.320407650Z
Severity
  • 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Mako: Path traversal via backslash URI on Windows in TemplateLookup
Details

Mako is a template library written in Python. Prior to 1.3.12, on Windows, a URI using backslash traversal (e.g. ....\ secret.txt) bypasses the directory traversal check in Template.init and the posixpath-based normalization in TemplateLookup.get_template(), allowing reads of files outside the configured template directory. This vulnerability is fixed in 1.3.12.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44307.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-22"
    ]
}
References

Affected packages

Git / github.com/sqlalchemy/mako

Affected ranges

Type
GIT
Repo
https://github.com/sqlalchemy/mako
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d4d1639222d2da4f18c32d11f32c37f172f603bd
Fixed
72e10c573ca0fbcbddd4455abca8ce92a61780d7
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.3.12"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ]
}

Affected versions

Other
rel_0_1_0
rel_0_1_1
rel_0_1_10
rel_0_1_2
rel_0_1_3
rel_0_1_4
rel_0_1_5
rel_0_1_6
rel_0_1_7
rel_0_1_8
rel_0_1_9
rel_0_2_0
rel_0_2_1
rel_0_2_2
rel_0_2_3
rel_0_2_4
rel_0_2_5
rel_0_3_0
rel_0_3_1
rel_0_3_2
rel_0_3_3
rel_0_3_4
rel_0_3_5
rel_0_3_6
rel_0_4_0
rel_0_4_1
rel_0_4_2
rel_0_5_0
rel_0_6_0
rel_0_6_1
rel_0_6_2
rel_0_7_0
rel_0_7_1
rel_0_7_2
rel_0_7_3
rel_0_8_0
rel_0_8_1
rel_0_9_0
rel_0_9_1
rel_1_0_0
rel_1_0_1
rel_1_0_10
rel_1_0_11
rel_1_0_12
rel_1_0_13
rel_1_0_14
rel_1_0_2
rel_1_0_3
rel_1_0_4
rel_1_0_5
rel_1_0_6
rel_1_0_7
rel_1_0_8
rel_1_0_9
rel_1_1_0
rel_1_1_1
rel_1_1_2
rel_1_1_3
rel_1_1_4
rel_1_1_5
rel_1_2_0
rel_1_2_1
rel_1_2_2
rel_1_2_3
rel_1_2_4
rel_1_3_0
rel_1_3_1
rel_1_3_10
rel_1_3_11
rel_1_3_2
rel_1_3_3
rel_1_3_4
rel_1_3_5
rel_1_3_6
rel_1_3_7
rel_1_3_8
rel_1_3_9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-44307.json"