A vulnerability identified as critical has been detected in raszi node-tmp up to 0.2.5 . This issue affects some unknown processing of the component Temporary Directory Handler . Performing a manipulation results in path traversal. This vulnerability is reported as CVE-2026-44705 . The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.