A vulnerability described as critical has been identified in Outline up to 1.6.x . Impacted is the function fs.createWriteStream . Such manipulation leads to path traversal. This vulnerability is documented as CVE-2026-43888 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.