Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links CVSS base score is 3.1 (HIGH severity). The EPSS exploit prediction model gives this CVE a 0% probability of exploitation in the next 30 days, placing it in the 7th percentile of all tracked vulnerabilities. This vulnerability is not currently on the CISA Known Exploited Vulnerabilities catalog. Affects 3 packages across the dependency graph; review the affected version ranges below and upgrade to a fixed release where available.