Path Traversal Vulnerability in Collibra Agent
CVE-2026-10621

Currently unrated

Key Information:

Vendor: Collibra
Status: Collibra Platform (saas); Collibra Platform (on-prem)
Vendor: CVE Published:; 2 June 2026

What is CVE-2026-10621?

A path traversal vulnerability exists in the restore handler of Collibra Agent, which enables an attacker to exploit the ZIP extraction functionality. The flaw allows for unvalidated file paths during the extraction process, creating a risk where attackers can manipulate the ZIP files to write arbitrary files to locations outside the intended directories. This can compromise the integrity and security of the affected systems. It is crucial for users to be aware of this vulnerability and implement appropriate security measures to mitigate the risks associated with potential exploitation.

Affected Version(s)

Collibra Platform (on-prem) 2026.03 < 2026.03.356

Collibra Platform (on-prem) 2025.10 < 2025.10.399

Collibra Platform (SaaS) 2025.10 < 2025.10.9

References

https://www.collibra.com/

https://kb.cert.org/vuls/id/873170

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Jun 2, 2026

CVE-2026-10621 Data

JSON