CVE-2026-14439
Altium Path Traversal Leading to Remote Code Execution.
Halo Surface Signal: 3 out of 5 — possibly public-facing.
A path traversal vulnerability in the Git Service component allows authenticated users to move files outside repositories, potentially enabling remote code execution. In multi-tenant environments, this could expose other tenants' data. The issue is fixed in Altium 365 and a specific version of Altium Enterprise Server.