What is GHSA-7j4w-x8x8-5mvg?

GHSA-7j4w-x8x8-5mvg is a security advisory published by GitHub Security Advisories with Critical severity. A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same...

Which CVE IDs does GHSA-7j4w-x8x8-5mvg cover?

GHSA-7j4w-x8x8-5mvg covers the following CVE IDs: CVE-2026-53476. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-7j4w-x8x8-5mvg?

GHSA-7j4w-x8x8-5mvg has a CVSS v3 base score of 9.6, published by GitHub Security Advisories.

GHSA-7j4w-x8x8-5mvgCriticalCVSS 9.6

A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same...

Vendor

GitHub Security Advisories

Published

June 10, 2026

Last Modified

June 10, 2026

🔗 CVE IDs covered (1)

CVE-2026-53476 →

📋 Description

A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network (LAN), can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system. This could ultimately lead to the execution of unauthorized code on the appliance.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-53476
https://github.com/kubev2v/assisted-migration-agent/pull/256
https://access.redhat.com/security/cve/CVE-2026-53476
https://bugzilla.redhat.com/show_bug.cgi?id=2487233
https://github.com/advisories/GHSA-7j4w-x8x8-5mvg