HIGH
byrongamatos
CVE published 2026-06-19
CVE-2026-49290
CVE-2026-49290 is a high-severity path-traversal vulnerability in Slopsmith, a self-contained web application for browsing, playing, and practicing Rocksmith 2014 Custom DLC (CDLC). The vulnerability allows an attacker to write arbitrary files outside the extraction directory by supplying a crafted PSARC or sloppak archive, potentially leading to arbitrary remote code execution on the host. The default Do [truncated]