A vulnerability, which was classified as critical , has been found in Alfredredbird tookie-osint up to 4.1fix . This affects the function write_txt/write_csv/write_json/scan_file of the file modules/modules.py . This manipulation causes path traversal. This vulnerability is registered as CVE-2026-42866 . The attack needs to be launched locally. No exploit is available. It is advisable to upgrade the affected component.