{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/heym/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.6,"id":"CVE-2026-45225"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Heym","heymrun/heym"],"_cs_severities":["high"],"_cs_tags":["path-traversal","file-upload","CVE-2026-45225"],"_cs_type":"advisory","_cs_vendors":["Heym"],"content_html":"\u003cp\u003eHeym before version 0.0.21 contains a path traversal vulnerability in its file upload endpoint. This flaw allows authenticated users to write malicious files to arbitrary locations on the server. By crafting a filename containing traversal sequences (e.g., ../../), an attacker can bypass intended path restrictions and manipulate files outside of the designated upload directory. This vulnerability affects the \u003ccode\u003eupload_file()\u003c/code\u003e handler due to insufficient validation of the filename parameter. Successful exploitation could lead to arbitrary file write, read, or even deletion, potentially compromising the entire system.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker authenticates to the Heym application.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious filename containing path traversal sequences (e.g., \u003ccode\u003e../../../evil.php\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eAttacker initiates a file upload request to the \u003ccode\u003eupload_file()\u003c/code\u003e endpoint, including the crafted filename.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eupload_file()\u003c/code\u003e handler receives the request but fails to properly sanitize the filename.\u003c/li\u003e\n\u003cli\u003eThe application writes the uploaded file to a location outside the intended directory, based on the path provided in the crafted filename.\u003c/li\u003e\n\u003cli\u003eThe attacker triggers execution of the uploaded file (e.g. if it\u0026rsquo;s a PHP file).\u003c/li\u003e\n\u003cli\u003eThe attacker achieves arbitrary code execution on the server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows an attacker to write, read, or delete files outside the intended storage directory. This can lead to arbitrary code execution, allowing the attacker to gain complete control over the affected system. The CVSS v3.1 base score for this vulnerability is 7.6 (High), indicating a significant risk. The potential impact includes unauthorized access to sensitive data, modification of critical system files, and complete system compromise.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Heym to version 0.0.21 or later to patch CVE-2026-45225.\u003c/li\u003e\n\u003cli\u003eImplement robust filename validation and sanitization within the \u003ccode\u003eupload_file()\u003c/code\u003e handler to prevent path traversal attacks.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Heym Path Traversal File Upload (CVE-2026-45225)\u003c/code\u003e to detect exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for HTTP requests to the file upload endpoint containing suspicious filename patterns.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T22:22:11Z","date_published":"2026-05-12T22:22:11Z","id":"https://feed.craftedsignal.io/briefs/2026-05-heym-path-traversal/","summary":"Heym before 0.0.21 is vulnerable to path traversal, allowing authenticated users to write attacker-controlled files to arbitrary locations by exploiting the unvalidated filename parameter in the upload_file() handler (CVE-2026-45225).","title":"Heym Path Traversal Vulnerability in File Upload Endpoint (CVE-2026-45225)","url":"https://feed.craftedsignal.io/briefs/2026-05-heym-path-traversal/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-45227"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Heym"],"_cs_severities":["high"],"_cs_tags":["sandbox-escape","python","code-execution"],"_cs_type":"threat","_cs_vendors":["Heym"],"content_html":"\u003cp\u003eHeym before version 0.0.21 contains a critical sandbox escape vulnerability, identified as CVE-2026-45227, within its custom Python tool executor. This flaw enables authenticated workflow authors to circumvent intended sandbox restrictions by leveraging object-graph introspection primitives. By exploiting this vulnerability, attackers can regain access to the unrestricted \u003ccode\u003e__import__\u003c/code\u003e function, enabling the import of typically blocked modules such as \u003ccode\u003eos\u003c/code\u003e and \u003ccode\u003esubprocess\u003c/code\u003e. This access further allows attackers to access inherited backend environment variables, potentially exposing sensitive information such as database credentials and encryption keys. Successful exploitation leads to arbitrary host command execution with the privileges of the backend service user, severely compromising system integrity.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn authenticated user gains access to the Heym workflow authoring interface.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious workflow using the custom Python tool executor.\u003c/li\u003e\n\u003cli\u003eThe workflow exploits Python introspection techniques to access the unrestricted \u003ccode\u003e__import__\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eUsing the recovered \u003ccode\u003e__import__\u003c/code\u003e function, the attacker imports restricted modules like \u003ccode\u003eos\u003c/code\u003e or \u003ccode\u003esubprocess\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the imported modules to access inherited backend environment variables.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts sensitive data like database credentials or encryption keys from environment variables.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts an arbitrary OS command using the \u003ccode\u003eos\u003c/code\u003e or \u003ccode\u003esubprocess\u003c/code\u003e modules.\u003c/li\u003e\n\u003cli\u003eThe malicious workflow executes the arbitrary OS command on the host, running as the backend service user.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this sandbox escape vulnerability (CVE-2026-45227) in Heym allows attackers to execute arbitrary commands on the host system as the backend service user. This can lead to complete system compromise, including data theft, service disruption, and unauthorized access to sensitive information, including database credentials and encryption keys. The vulnerability affects all Heym deployments prior to version 0.0.21.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Heym to version 0.0.21 or later to patch CVE-2026-45227.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Heym Sandbox Escape Attempt via Import\u0026rdquo; to monitor for attempts to import restricted modules within the Python tool executor.\u003c/li\u003e\n\u003cli\u003eReview and restrict access to the Heym workflow authoring interface to minimize the attack surface.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T22:18:20Z","date_published":"2026-05-12T22:18:20Z","id":"https://feed.craftedsignal.io/briefs/2026-05-heym-sandbox-escape/","summary":"Heym before 0.0.21 is vulnerable to a sandbox escape (CVE-2026-45227) in the custom Python tool executor, allowing authenticated workflow authors to bypass restrictions and execute arbitrary host commands as the backend service user.","title":"Heym Sandbox Escape Vulnerability (CVE-2026-45227)","url":"https://feed.craftedsignal.io/briefs/2026-05-heym-sandbox-escape/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2026-45226"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Heym"],"_cs_severities":["high"],"_cs_tags":["authorization-bypass","workflow-execution","cve"],"_cs_type":"advisory","_cs_vendors":["Heym"],"content_html":"\u003cp\u003eHeym before version 0.0.21 is vulnerable to an authorization bypass, as identified by CVE-2026-45226. This flaw allows authenticated users to bypass access controls and execute arbitrary workflows. The vulnerability stems from a lack of proper access validation when referencing workflow UUIDs. Attackers can exploit this by creating malicious workflows that reference UUIDs of victim workflows, enabling them to load and execute these workflows under attacker-controlled execution paths. This leads to potential exposure of sensitive victim workflow outputs and unintended triggering of workflow nodes with adverse side effects. This vulnerability poses a significant risk to the confidentiality and integrity of workflows within Heym environments.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker authenticates to a Heym instance.\u003c/li\u003e\n\u003cli\u003eThe attacker identifies a victim workflow and obtains its UUID.\u003c/li\u003e\n\u003cli\u003eThe attacker creates a new workflow containing either an \u0026ldquo;execute\u0026rdquo; node or an \u0026ldquo;agent subWorkflowId\u0026rdquo;.\u003c/li\u003e\n\u003cli\u003eWithin the \u0026ldquo;execute\u0026rdquo; node or \u0026ldquo;agent subWorkflowId\u0026rdquo;, the attacker references the victim workflow\u0026rsquo;s UUID.\u003c/li\u003e\n\u003cli\u003eThe attacker executes their newly crafted workflow.\u003c/li\u003e\n\u003cli\u003eDue to the authorization bypass, the Heym system loads and executes the victim workflow under the attacker\u0026rsquo;s execution context.\u003c/li\u003e\n\u003cli\u003eThe attacker gains access to the victim workflow\u0026rsquo;s outputs.\u003c/li\u003e\n\u003cli\u003eWorkflow nodes within the victim workflow are triggered with unintended side effects, potentially causing further damage.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-45226 allows an attacker to execute arbitrary workflows without proper authorization. This can lead to the exposure of sensitive data contained within the victim workflows, as well as the unintended triggering of workflow nodes, potentially causing data corruption or other malicious side effects. The vulnerability affects Heym instances before version 0.0.21 and poses a risk to the confidentiality, integrity, and availability of workflow data.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Heym to version 0.0.21 or later to patch CVE-2026-45226.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Heym Workflow Execution with Subworkflow UUID\u0026rdquo; to identify potentially malicious workflow executions.\u003c/li\u003e\n\u003cli\u003eMonitor Heym logs for unauthorized workflow executions referencing unusual or suspicious workflow UUIDs.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T22:18:07Z","date_published":"2026-05-12T22:18:07Z","id":"https://feed.craftedsignal.io/briefs/2026-05-heym-auth-bypass/","summary":"Heym before 0.0.21 contains an authorization bypass vulnerability (CVE-2026-45226) that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs, leading to exposure of outputs and unintended side effects.","title":"Heym Authorization Bypass Vulnerability CVE-2026-45226","url":"https://feed.craftedsignal.io/briefs/2026-05-heym-auth-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Heym","version":"https://jsonfeed.org/version/1.1"}