A vulnerability identified as critical has been detected in SUSE libzypp up to 17.38.9 . This affects an unknown part. Performing a manipulation results in relative path traversal. This vulnerability is reported as CVE-2026-25707 . The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.