{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-48055/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-16T21:17:59.868Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-48055","@id":"https://www.cve.org/CVERecord?id=CVE-2026-48055","description":"Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction, allowing a malicious archive to perform path traversal and write arbitrary files to the host filesystem. The subtitle extraction process downloads a ZIP archive and extracts its entries. The destination fi"},"products":[{"@id":"cpe:2.3:a:truelockmc:streambert:\\<_2.5.0:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:truelockmc:streambert:\\<_2.5.0:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"No fixed version is published yet; monitor the upstream advisory.","timestamp":"2026-06-16T21:17:59.868Z"}]}