CVE-2026-34591: Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write

Overview

Severity

N/A

Exploit Status

Not Exploited

Patch Tuesday

2026-Apr

Released

2026-04-07

Last Updated

2026-04-29

EPSS Score

0.02% (percentile: 5.4%)

Affected Products (2)

Open Source Software

• azl3 poetry 1.8.3-1 on Azure Linux 3.0
• azl3 poetry 1.8.5-1 on Azure Linux 3.0

Revision History

• 2026-04-07: Information published.
• 2026-04-29: Information published.
• 2026-04-29: Information published.