tokio-tar — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in tokio-tar, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-32766	astral-tokio-tar insufficiently validates PAX extensions during extraction CWE-436	9.1	-	2026-03-20
CVE-2025-62518	astral-tokio-tar Vulnerable to PAX Header Desynchronization CWE-843	8.1	High	2025-10-21
CVE-2025-59825	astral-tokio-tar has a path traversal in tar extraction CWE-22	7.5	-	2025-09-23

All 3 known CVE vulnerabilities affecting tokio-tar with full Chinese analysis, references, and POCs where available.