CVE-2026-12568
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk16th percentile — higher than 16% of all known CVEs
Summary
The postman_download module uses the workspace name field from the Postman API to construct the local directory path without sanitization. A malicious workspace with a name containing path traversal characters may allow an attacker to write arbitrary files to the user's system.
Risk Assessment
An attacker could exploit this vulnerability to write malicious files to the system, potentially leading to further attacks or data compromise.
Recommendation
It is recommended to implement sanitization of workspace names before using them to construct directory paths and to monitor the system for unauthorized files.
Original NVD description (English source)
The postman_download module uses the workspace name field from the Postman API to construct the local directory path without sanitization. If a malicious workspace has a name containing path traversal characters, pathlib resolves the path outside the intended output directory, allowing an attacker to write arbitrary files to the user's system.

