A vulnerability classified as critical has been found in lsegal yard up to 0.9.43 . Affected by this issue is some unknown functionality of the file yard-cache-secret.html . Performing a manipulation results in path traversal. This vulnerability was named CVE-2026-49342 . The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.