CVE-2026-35206: Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment

Overview

Severity

N/A

Exploit Status

Not Exploited

Patch Tuesday

2026-Apr

Released

2026-04-12

Last Updated

2026-04-30

EPSS Score

0.01% (percentile: 0.2%)

Affected Products (1)

Open Source Software

• cbl2 helm 3.14.2-10 on CBL Mariner 2.0

Revision History

• 2026-04-12: Information published.
• 2026-04-13: Information published.
• 2026-04-30: Information published.