A vulnerability classified as critical was found in tale headplane up to 0.6.2/0.7.0-beta.2 . Affected by this vulnerability is an unknown functionality of the component Headscale API . Executing a manipulation can lead to path traversal. This vulnerability is tracked as CVE-2026-46484 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.