[MEDIUM] Statamic has a path traversal in file dictionary fieldtype

PKSA-4mnq-vkqt-4wqf CVE-2026-33171 GHSA-qm7r-wwq7-6f85

Affected package: statamic/cms

Affected version: <5.73.14|>=6.0.0-alpha.1,<6.7.0

Reported by:
GitHub