WS-2026-0001
January 04, 2026
A Path Traversal vulnerability in the Quake III Arena engine's virtual file system allows remote attackers to bypass inadequate string-based sanitization filters and access sensitive files outside the intended game directory.
Related Resources (1)
Do you need more information?
Contact UsCVSS v3
Base Score:
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE
Weakness Type (CWE)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
