<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Obsidian - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/obsidian/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Wed, 15 Jul 2026 21:58:29 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/obsidian/feed.xml" rel="self" type="application/rss+xml"/><item><title>Authenticated Path Traversal in Obsidian Local REST API</title><link>https://feed.craftedsignal.io/briefs/2026-07-obsidian-pathtraversal/</link><pubDate>Wed, 15 Jul 2026 21:58:29 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-obsidian-pathtraversal/</guid><description>An authenticated path traversal vulnerability (GHSA-62gx-5q78-wrvx) in the Obsidian Local REST API's `/vault/{path}` endpoints allows an attacker to bypass path normalization checks using URL-encoded `%2F` sequences, enabling arbitrary file read, write, and delete operations outside the intended vault directory with the privileges of the Obsidian process.</description><content:encoded><![CDATA[<p>A critical authenticated path traversal vulnerability, tracked as GHSA-62gx-5q78-wrvx, has been identified in the Obsidian Local REST API plugin (versions prior to 4.1.3). This flaw allows an authenticated client to perform arbitrary file read, write, and delete operations on the host system. The vulnerability arises because the plugin's <code>/vault/{path}</code> endpoints percent-decode request paths <em>after</em> the Express framework has already routed and normalized them. This timing issue allows URL-encoded directory traversal sequences, specifically <code>..%2F..%2F</code>, to bypass initial routing layer checks. Once decoded by the handler, these sequences are reinterpreted as real directory traversals (<code>../</code>), escaping the intended vault directory without further confinement checks. This poses a significant risk as attackers can access sensitive files (e.g., SSH keys, browser profiles), modify system configurations, or destroy critical data, especially in deployments where the API serves as a backend for agents or other automated systems.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An authenticated attacker, possessing a valid API key for the Obsidian Local REST API, crafts a malicious HTTP request.</li>
<li>The attacker targets one of the vulnerable <code>/vault/{path}</code> endpoints (GET, PUT, PATCH, POST, or DELETE).</li>
<li>The crafted request includes URL-encoded directory traversal sequences like <code>..%2F</code> or <code>%2e%2e</code> within the <code>path</code> component of the URL.</li>
<li>The Express framework routes the request; however, it does not normalize or reject the encoded <code>..%2F</code> sequences, allowing them to reach the API handler.</li>
<li>Inside the Obsidian Local REST API handler, the <code>decodeURIComponent</code> function is applied to the request path.</li>
<li>This decoding step converts <code>..%2F</code> into <code>../</code>, effectively reconstituting a functional directory traversal path.</li>
<li>The API handler then passes this unconfined, escaped path directly to the Obsidian vault adapter's file operations (e.g., <code>readBinary</code>, <code>getAbstractFileByPath</code>).</li>
<li>With the reconstructed path, the Obsidian process, running with its current user's privileges, performs the requested operation (read, write, or delete) on arbitrary files outside the configured vault directory.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of this vulnerability enables an authenticated attacker to read, write, or delete any file on the host system that the Obsidian process has permissions to access. This can lead to the compromise of sensitive user data, including SSH keys, browser profiles, dotfiles, and credentials stored in the user's home directory. In scenarios where the Obsidian Local REST API is used as a backend for multi-component platforms (MCPs) or LLM agents, a prompt injection or malicious client could leverage this to elevate its capabilities from confined note editing to full host filesystem manipulation, leading to widespread data destruction, system modification, or even remote code execution.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Update the <code>obsidian-local-rest-api</code> plugin to version 4.1.3 or higher immediately to apply the vendor's patch.</li>
<li>Deploy the <code>Detect GHSA-62gx-5q78-wrvx Path Traversal in Obsidian Local REST API</code> Sigma rule to your SIEM to detect attempted exploitation involving URL-encoded traversal sequences in webserver logs.</li>
<li>Monitor webserver access logs for the <code>/vault/</code> endpoint for unusual activity, specifically <code>cs-uri-stem</code> values containing <code>%2F</code> or <code>%2e%2e</code> that indicate path traversal attempts.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>path-traversal</category><category>web-application</category><category>vulnerability</category><category>obsidian</category></item></channel></rss>