Every CVE whose affected-product data names Ocaml Opam, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2026-41082 — CVSS 7.3 (high): In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.