Path-Traversal — CraftedSignal Threat Feed

OpenMRS Module Upload Path Traversal Vulnerability

hello@craftedsignal.io — Mon, 04 May 2026 17:39:31 +0000

OpenMRS, an open-source enterprise electronic medical record system platform, is vulnerable to a path traversal (Zip Slip) vulnerability in its module upload functionality. Discovered in versions 2.7.8 and earlier, as well as versions 2.8.0 through 2.8.5, the vulnerability resides in the POST /openmrs/ws/rest/v1/module endpoint. An authenticated attacker with administrative privileges can exploit this flaw by uploading a specially crafted .omod archive containing malicious ZIP entries with directory traversal sequences. This can allow the attacker to write files outside of the intended module directory, potentially leading to arbitrary file write and remote code execution on the server. The vulnerability stems from incomplete path validation within the WebModuleUtil.startModule() function, an oversight compared to other extraction methods within the same codebase that are properly protected.

Attack Chain

The attacker authenticates to the OpenMRS instance with valid admin credentials via Basic Auth.
The attacker crafts a malicious .omod file containing a ZIP entry with a path traversal payload, such as web/module/../../../../.jsp.
The attacker sends a POST request to the /openmrs/ws/rest/v1/module endpoint, uploading the malicious .omod file.
The server receives the request and parses the uploaded .omod file, treating it as a ZIP archive.
During module loading via WebModuleUtil.startModule(), the server extracts entries under the web/module/ directory.
Due to an incomplete check, the entry web/module/../../../../.jsp passes the initial validation.
The server attempts to write the extracted file to a path constructed by concatenating the traversed path, resulting in writing the file outside the intended WEB-INF/view/module/ directory.
If the written file is a JSP script, accessing it via a browser triggers server-side execution, achieving Remote Code Execution (RCE).

Impact

Successful exploitation of this vulnerability allows an attacker to write arbitrary files within the web application root directory of the OpenMRS instance. This can lead to remote code execution, allowing the attacker to gain complete control of the affected server. Given OpenMRS’s use in healthcare environments, a successful attack could compromise sensitive patient data, disrupt medical operations, and damage the reputation of the affected organization. The number of potentially affected installations is unknown, but the vulnerability impacts a widely used version of the platform.

Recommendation

Apply the patch or upgrade to a version of OpenMRS that includes the fix for CVE-2026-40076 to address the path traversal vulnerability.
Deploy the Sigma rule Detect OpenMRS Malicious Module Upload to identify exploitation attempts based on HTTP requests to the /openmrs/ws/rest/v1/module endpoint with suspicious file extensions in the query parameters.
Enable webserver logging to capture HTTP request data and facilitate detection and investigation efforts.
Monitor file creation events within the web application root directory for suspicious JSP files. Use the Sigma rule Detect JSP File Creation in Web Application Root as a starting point.
Enforce the module.allow_web_admin restriction consistently across all module upload entry points, including the REST API to prevent bypass.

Flux159 mcp-game-asset-gen Path Traversal Vulnerability

hello@craftedsignal.io — Fri, 01 May 2026 21:16:17 +0000

A path traversal vulnerability, identified as CVE-2026-7594, has been discovered in Flux159 mcp-game-asset-gen version 0.1.0. The vulnerability resides within the image_to_3d_async function located in the src/index.ts file of the MCP Interface component. Successful exploitation allows a remote attacker to manipulate the statusFile argument, potentially leading to unauthorized file access and modification. Public exploits are available, increasing the risk of widespread exploitation. The project maintainers were notified via an issue report, but have not yet addressed the vulnerability. This lack of response, coupled with the existence of public exploits, elevates the urgency for defenders.

Attack Chain

The attacker identifies a vulnerable instance of mcp-game-asset-gen 0.1.0 running on a remote server.
The attacker crafts a malicious HTTP request targeting the image_to_3d_async function.
Within the request, the attacker manipulates the statusFile argument to include path traversal sequences (e.g., “../”).
The server-side application processes the request, using the attacker-controlled statusFile value to construct a file path.
Due to insufficient input validation, the path traversal sequences are not properly sanitized.
The application attempts to read or write to a file outside the intended directory, based on the manipulated path.
If successful, the attacker gains unauthorized access to sensitive files or overwrites critical system files.
The attacker leverages the file access to further compromise the system, potentially leading to code execution or data exfiltration.

Impact

Successful exploitation of this path traversal vulnerability could allow attackers to read sensitive files, overwrite critical system files, or even achieve remote code execution on the affected server. This could lead to data breaches, system instability, or complete server compromise. Given the availability of public exploits, organizations using mcp-game-asset-gen 0.1.0 are at immediate risk.

Recommendation

Apply input validation and sanitization to the statusFile argument within the image_to_3d_async function to prevent path traversal, addressing CVE-2026-7594.
Monitor web server logs for suspicious requests containing path traversal sequences (e.g., “../”) in the statusFile parameter using the provided Sigma rule.
Implement the Sigma rule targeting process creation events related to the exploitation of CVE-2026-7594.

Fujian Apex LiveBOS Path Traversal Vulnerability

hello@craftedsignal.io — Fri, 01 May 2026 01:16:38 +0000

Fujian Apex LiveBOS, a live broadcasting system, is vulnerable to a path traversal attack. This vulnerability, identified as CVE-2026-7519, exists due to insufficient input validation on the filename parameter within the /feed/UploadImage.do endpoint. Versions up to and including 2.0 are affected. Publicly available exploits exist, increasing the risk of exploitation. An attacker can leverage this flaw to access sensitive files on the server, potentially leading to information disclosure or further system compromise. Upgrading to version 2.1 or applying available patches is strongly recommended.

Attack Chain

An attacker identifies a Fujian Apex LiveBOS instance running version 2.0 or earlier.
The attacker crafts a malicious HTTP request targeting the /feed/UploadImage.do endpoint.
The attacker manipulates the filename parameter within the request, injecting path traversal sequences (e.g., ../../).
The server-side application fails to properly sanitize the filename, allowing the path traversal sequence to be processed.
The application attempts to read a file based on the attacker-controlled path.
If successful, the contents of the targeted file are returned to the attacker in the HTTP response.
The attacker analyzes the leaked file content for sensitive information (e.g., credentials, configuration files).

Impact

Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files on the LiveBOS server. This could include configuration files containing database credentials, private keys, or other confidential information. The impact ranges from information disclosure to potential full system compromise, depending on the accessed data. There are no reported victims or sectors targeted as of yet, but the public availability of the exploit increases the likelihood of exploitation.

Recommendation

Upgrade Fujian Apex LiveBOS to version 2.1 to remediate CVE-2026-7519.
Deploy the Sigma rule Detect LiveBOS Path Traversal Attempt to identify malicious requests exploiting the vulnerability.
Monitor web server logs for requests containing path traversal sequences targeting the /feed/UploadImage.do endpoint.

ABB PCM600 Path Traversal Vulnerability (CVE-2018-1002208)

hello@craftedsignal.io — Thu, 30 Apr 2026 12:00:00 +0000

ABB PCM600 versions 1.5 through 2.13 are vulnerable to a path traversal flaw (CVE-2018-1002208) within the SharpZip.dll library. Successful exploitation enables a local attacker with low privileges to execute arbitrary code on the affected system. This vulnerability resides in the software used to configure and manage protection and control IEDs (Intelligent Electronic Devices) in critical infrastructure sectors, specifically critical manufacturing. ABB recommends updating to PCM600 version 2.14 to remediate this vulnerability. The vulnerability was reported to CISA by ABB PSIRT.

Attack Chain

Attacker gains low-privilege access to the target system running a vulnerable ABB PCM600 version.
The attacker crafts a malicious message containing a path traversal payload designed to exploit CVE-2018-1002208.
The attacker sends the crafted message to the system node, targeting the vulnerable SharpZip.dll.
The SharpZip.dll processes the message without properly sanitizing the provided path.
The path traversal vulnerability allows the attacker to write arbitrary files to locations outside the intended directory.
The attacker leverages the file write capability to place a malicious executable or library in a trusted location.
The attacker triggers the execution of the malicious code, achieving arbitrary code execution on the system.
The attacker can then perform actions such as escalating privileges, installing malware, or disrupting industrial processes.

Impact

Successful exploitation of CVE-2018-1002208 can lead to arbitrary code execution on systems running vulnerable ABB PCM600 versions within critical manufacturing environments. While no specific victim counts or sectors are detailed in the advisory, the vulnerability’s presence in industrial control systems poses a significant risk. A successful attack could disrupt manufacturing processes, cause equipment damage, or lead to data breaches.

Recommendation

Upgrade to ABB Protection and control IED manager PCM600 version 2.14 to address CVE-2018-1002208 as per the vendor’s recommendation.
If using RE_630 protection relays with older PCM600 versions, implement system-level defenses as described in ABB’s security advisory 2NGA002813.
Minimize network exposure for all control system devices and systems, ensuring they are not accessible from the internet, as recommended by CISA.
Monitor file creation events for suspicious file paths that may indicate path traversal attempts exploiting CVE-2018-1002208, using a rule similar to the example provided.

OpenPrinting CUPS Path Traversal Vulnerability (CVE-2026-34978)

hello@craftedsignal.io — Thu, 30 Apr 2026 08:46:41 +0000

CVE-2026-34978 is a path traversal vulnerability affecting OpenPrinting CUPS, a modular printing system that allows a computer to act as a print server. The vulnerability exists within the RSS notify-recipient-uri functionality, which improperly validates file paths. By crafting a malicious URI, an attacker can write files outside the intended CacheDir/rss directory. This can lead to the overwriting of critical system files, such as job.cache, potentially disrupting print services and, in some scenarios, leading to arbitrary code execution. This vulnerability was disclosed by Microsoft and requires immediate attention from system administrators to prevent potential exploitation.

Attack Chain

An attacker crafts a malicious RSS notify-recipient-uri containing a path traversal sequence (e.g., “../”).
The crafted URI is submitted to the CUPS server through a print job request or a configuration setting.
CUPS processes the URI and attempts to write a file to the specified location.
Due to the path traversal vulnerability, the file is written outside the intended CacheDir/rss directory.
The attacker overwrites a critical file, such as job.cache, with malicious content.
The CUPS server attempts to access the overwritten file.
If job.cache is successfully overwritten, the attacker can gain control of the print queue or cause a denial of service by corrupting the print system’s state.
In a more advanced scenario, the attacker could potentially achieve arbitrary code execution by overwriting other binaries or configuration files.

Impact

Successful exploitation of CVE-2026-34978 can lead to denial of service by corrupting the printing system state. By overwriting critical CUPS files, an attacker can disrupt printing services. In more critical scenarios, the vulnerability could be leveraged to achieve arbitrary code execution, potentially allowing the attacker to gain complete control over the affected system. The scope of the impact is dependent on the permissions of the CUPS process and the specific files that are overwritten.

Recommendation

Apply the security patch provided by OpenPrinting to address CVE-2026-34978.
Monitor CUPS server logs for suspicious activity related to file writes outside the CacheDir/rss directory. Consider deploying the provided Sigma rule Detect CUPS Path Traversal File Write to identify such attempts.
Implement strict input validation on any user-supplied data that is used to construct file paths within CUPS.
Regularly review and audit CUPS configuration settings to ensure that they are secure and do not allow for path traversal vulnerabilities.

Relative Path Traversal Vulnerability in mcpo-simple-server

hello@craftedsignal.io — Wed, 29 Apr 2026 21:16:22 +0000

A relative path traversal vulnerability, identified as CVE-2026-7404, has been discovered in getsimpletool mcpo-simple-server up to version 0.2.0. The vulnerability resides within the delete_shared_prompt function of the src/mcpo_simple_server/services/prompt_manager/base_manager.py file. By manipulating the detail argument, a remote attacker can traverse the file system and delete arbitrary files. The vulnerability is remotely exploitable, and proof-of-concept exploit code is publicly available. The maintainers of the getsimpletool project have been notified of this vulnerability but have not yet responded. This poses a significant risk to systems running mcpo-simple-server, as it could lead to unauthorized file deletion and potential system compromise.

Attack Chain

The attacker identifies a vulnerable mcpo-simple-server instance running version 0.2.0 or earlier.
The attacker crafts a malicious HTTP request targeting the delete_shared_prompt function.
The malicious request includes a manipulated detail argument containing relative path traversal sequences (e.g., ../).
The server-side application processes the request and passes the manipulated detail argument to the delete_shared_prompt function.
The delete_shared_prompt function uses the attacker-controlled detail argument to construct a file path.
Due to the path traversal sequences, the resulting file path points to a location outside the intended directory.
The application attempts to delete the file at the attacker-specified location.
If permissions allow, the file is successfully deleted, leading to potential data loss or system instability.

Impact

Successful exploitation of this vulnerability allows an attacker to delete arbitrary files on the affected system. This can lead to data loss, application malfunction, or even complete system compromise, depending on the files targeted for deletion. Given the public availability of exploit code, systems running vulnerable versions of mcpo-simple-server are at immediate risk. The impact is especially severe if the targeted files are critical system files or application data.

Recommendation

Upgrade mcpo-simple-server to a patched version that addresses CVE-2026-7404, if available from the vendor.
Deploy the Sigma rule Detect Mcpo-Simple-Server Path Traversal Attempt to identify exploitation attempts in web server logs.
Implement strict input validation and sanitization on the detail argument of the delete_shared_prompt function, if patching is not immediately feasible.
Monitor web server logs for suspicious activity, such as requests containing path traversal sequences.
Restrict file system permissions to limit the impact of successful path traversal attacks.

Path Traversal Vulnerability in mail-mcp-bridge

hello@craftedsignal.io — Wed, 29 Apr 2026 16:16:29 +0000

A path traversal vulnerability, identified as CVE-2026-7386, has been discovered in fatbobman mail-mcp-bridge version 1.3.3 and prior. The vulnerability resides within the src/mail_mcp_server.py file, specifically affecting an unspecified function that handles the message_ids argument. A remote attacker can exploit this flaw by crafting malicious requests containing manipulated message_ids values. Successful exploitation allows the attacker to traverse the file system and potentially read sensitive files. An exploit is publicly available. The vulnerability is addressed in version 1.3.4, with patch 638b162b26532e32fa8d8047f638537dbdfe197a.

Attack Chain

The attacker identifies a vulnerable instance of mail-mcp-bridge running version 1.3.3 or earlier.
The attacker crafts a malicious HTTP request targeting the endpoint that processes message_ids.
Within the request, the attacker includes a message_ids parameter containing path traversal sequences (e.g., ../).
The server-side application, without proper validation, processes the manipulated message_ids value.
The application attempts to access a file path constructed using the attacker-controlled input.
Due to the path traversal sequences, the application accesses a file outside the intended directory.
The application reads the contents of the traversed file.
The attacker retrieves the contents of the file, gaining access to sensitive information.

Impact

Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the server. This could lead to the exposure of sensitive data such as configuration files, application source code, or user data. With a CVSS v3.1 base score of 7.3, this vulnerability poses a significant risk. The number of affected installations is unknown, but any instance of mail-mcp-bridge running a vulnerable version is susceptible to attack.

Recommendation

Upgrade fatbobman mail-mcp-bridge to version 1.3.4 or later to apply the patch 638b162b26532e32fa8d8047f638537dbdfe197a that resolves CVE-2026-7386.
Deploy the Sigma rule “Detect mail-mcp-bridge Path Traversal Attempt” to identify exploitation attempts in web server logs.
Implement input validation on the message_ids parameter to prevent path traversal attacks in web applications, even after patching.

Eiceblue Spire-PDF-MCP-Server Path Traversal Vulnerability (CVE-2026-7315)

hello@craftedsignal.io — Wed, 29 Apr 2026 12:00:00 +0000

A path traversal vulnerability, identified as CVE-2026-7315, affects eiceblue spire-pdf-mcp-server version 0.1.1. The vulnerability resides in the get_pdf_path function within the src/spire_pdf_mcp/server.py file. By manipulating the filepath argument, a remote attacker can bypass directory traversal restrictions and potentially access sensitive files on the server. Public exploits are available, increasing the risk of exploitation. The vendor has been notified but has not yet provided a patch or response. This vulnerability poses a significant risk to systems running the affected software.

Attack Chain

The attacker identifies a vulnerable instance of eiceblue spire-pdf-mcp-server 0.1.1 exposed to the network.
The attacker crafts a malicious HTTP request targeting the get_pdf_path function, embedding a path traversal sequence (e.g., ../) within the filepath parameter.
The server receives the request and processes the filepath argument without proper sanitization or validation.
The get_pdf_path function constructs a file path using the attacker-controlled input, allowing the traversal of directories outside the intended PDF file storage location.
The server attempts to access a file outside the intended directory, based on the manipulated path.
If successful, the server reads the contents of the arbitrary file.
The server returns the contents of the file to the attacker.
The attacker gains unauthorized access to sensitive information, potentially including configuration files, credentials, or other confidential data.

Impact

Successful exploitation of CVE-2026-7315 allows a remote attacker to read arbitrary files on the server. This can lead to the disclosure of sensitive information, such as configuration files, credentials, or internal application code. The impact could include complete compromise of the affected system and potential lateral movement within the network. Given the availability of public exploits, the risk of widespread exploitation is elevated.

Recommendation

Deploy the Sigma rule Detect Spire-PDF Path Traversal Attempt to identify malicious requests containing path traversal sequences.
Monitor web server logs for HTTP requests targeting the get_pdf_path function with suspicious filepath parameters (e.g., containing “../”).
Implement strict input validation and sanitization measures for the filepath argument in the get_pdf_path function to prevent path traversal attacks.
Apply any available patches or updates from the vendor as soon as they are released to address CVE-2026-7315.

eiceblue spire-doc-mcp-server Path Traversal Vulnerability

hello@craftedsignal.io — Wed, 29 Apr 2026 12:00:00 +0000

A critical path traversal vulnerability has been identified in eiceblue spire-doc-mcp-server version 1.0.0. The vulnerability resides within the get_doc_path function of the src/spire_doc_mcp/api/base.py file. By manipulating the document_name argument, an attacker can bypass intended directory restrictions and access files outside the designated document path. This attack can be initiated remotely without authentication, posing a significant risk. Public exploits are available, increasing the likelihood of exploitation. The vendor was notified through an issue report, but has not yet responded.

Attack Chain

The attacker sends a crafted HTTP request to the spire-doc-mcp-server.
The request targets an endpoint that utilizes the vulnerable get_doc_path function.
The attacker manipulates the document_name parameter within the request.
The document_name parameter contains a path traversal sequence (e.g., “../”) designed to escape the intended directory.
The get_doc_path function fails to properly sanitize or validate the document_name input.
The application constructs a file path based on the malicious input.
The application attempts to read the file at the attacker-controlled path.
The attacker successfully retrieves the contents of an arbitrary file on the server.

Impact

Successful exploitation of this path traversal vulnerability allows an attacker to read sensitive files on the server. This could include configuration files containing credentials, source code, or other confidential data. The CVSS v3.1 score of 7.3 reflects the high severity of this issue. The lack of vendor response and availability of public exploits significantly increases the risk to organizations using vulnerable versions of spire-doc-mcp-server.

Recommendation

Deploy the Sigma rule Detect Spire-doc-mcp-server Path Traversal Attempt to your SIEM to detect exploitation attempts by monitoring web server logs for path traversal sequences.
Apply input validation and sanitization to the document_name argument in the get_doc_path function within src/spire_doc_mcp/api/base.py to prevent path traversal.
Monitor web server logs for HTTP requests containing path traversal sequences (e.g., “..%2F”, “../”) targeting endpoints related to document retrieval.

Elinsky execution-system-mcp Path Traversal Vulnerability

hello@craftedsignal.io — Wed, 29 Apr 2026 10:00:00 +0000

A path traversal vulnerability, identified as CVE-2026-7319, affects elinsky execution-system-mcp version 0.1.0. The vulnerability resides in the _get_context_file_path function located within the src/execution_system_mcp/server.py file, which is part of the add_action Tool component. By manipulating the context argument, a remote attacker can bypass directory restrictions and access unauthorized files. The existence of a published exploit increases the risk of this vulnerability being actively exploited. Defenders should prioritize patching and implementing mitigations to prevent potential data breaches or system compromise.

Attack Chain

The attacker identifies a vulnerable instance of elinsky execution-system-mcp 0.1.0 running remotely.
The attacker crafts a malicious HTTP request targeting the add_action tool.
Within the HTTP request, the attacker injects a path traversal sequence (e.g., ../) into the context argument of the _get_context_file_path function.
The _get_context_file_path function processes the tainted input without proper sanitization, allowing the path traversal sequence to resolve to a file outside of the intended directory.
The server attempts to read the file specified by the attacker-controlled path.
Sensitive information from the targeted file is read by the server.
The server returns the content of the file, or an error message indicating the file content, to the attacker.
The attacker obtains sensitive information, potentially leading to further exploitation, such as privilege escalation or data exfiltration.

Impact

Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the server. This could lead to the disclosure of sensitive information, such as configuration files, source code, or user data. The CVSS v3.1 score of 7.3 indicates a high severity, highlighting the potential for significant impact. The lack of specifics regarding victim count and sectors targeted in the source information makes it difficult to quantify the precise scale of potential damage.

Recommendation

Apply any available patches or updates for elinsky execution-system-mcp to address CVE-2026-7319.
Implement input validation and sanitization measures to prevent path traversal attacks within the _get_context_file_path function.
Deploy the Sigma rule provided to detect exploitation attempts by monitoring for suspicious path traversal sequences in HTTP requests to the add_action tool.
Monitor web server logs for requests containing path traversal sequences such as “../” and ensure proper logging of access attempts.

mkdocs-mcp-plugin Path Traversal Vulnerability

hello@craftedsignal.io — Tue, 28 Apr 2026 12:00:00 +0000

A path traversal vulnerability, identified as CVE-2026-7159, has been discovered in douinc’s mkdocs-mcp-plugin, affecting versions up to 0.4.1. The flaw resides within the read_document and list_documents functions of the server.py file. By manipulating the docs_dir or file_path arguments, a remote attacker can bypass intended access restrictions and potentially read sensitive files on the server. A public exploit is available, increasing the risk of exploitation. The vendor has acknowledged the vulnerability and plans to release a fix in the coming days. This vulnerability poses a significant risk to systems using the affected plugin, potentially exposing sensitive data.

Attack Chain

Attacker identifies a server running a vulnerable version (<= 0.4.1) of the mkdocs-mcp-plugin.
Attacker crafts a malicious HTTP request targeting the read_document or list_documents endpoint.
The crafted request includes a manipulated docs_dir or file_path parameter designed to traverse the file system. This commonly involves using sequences like ../ to move up directories.
The vulnerable server.py script fails to properly sanitize or validate the provided path.
The application attempts to read a file outside the intended document root, based on the attacker-controlled path.
If successful, the contents of the targeted file are returned in the HTTP response to the attacker.
The attacker can repeat this process to enumerate and access various sensitive files.
The attacker gains unauthorized access to sensitive information, potentially including configuration files, source code, or user data.

Impact

Successful exploitation of this path traversal vulnerability (CVE-2026-7159) can lead to unauthorized access to sensitive files on the server. This could include configuration files, application source code, or user data. The impact ranges from information disclosure to potential compromise of the entire system, depending on the nature of the exposed data. Given the public availability of an exploit, affected systems are at increased risk of attack. The vendor is planning to release a fix soon.

Recommendation

Apply the patch for mkdocs-mcp-plugin as soon as it is released by the vendor to remediate CVE-2026-7159.
Deploy the Sigma rule Detect Mkdocs Path Traversal Attempt to identify exploitation attempts in web server logs.
Monitor web server logs for suspicious URL patterns containing path traversal sequences like ../ targeting file access endpoints, as detailed in the Attack Chain.

AgiFlow scaffold-mcp Path Traversal Vulnerability (CVE-2026-7237)

hello@craftedsignal.io — Tue, 28 Apr 2026 08:16:02 +0000

AgiFlow scaffold-mcp, a software component with unknown functionality, is vulnerable to a path traversal attack. This vulnerability, identified as CVE-2026-7237, affects versions up to 1.0.27. The vulnerability resides in the packages/scaffold-mcp/src/server/index.ts file, specifically within the “write-to-file” tool. An attacker can remotely exploit this flaw by manipulating the file_path argument, enabling them to write to arbitrary locations on the server. A patch has been released in version 1.1.0 with commit hash c4d23592ae5fb59cfeefc4641e6826f8ac89b9c6 to address this vulnerability. The exploit is publicly available.

Attack Chain

The attacker identifies an AgiFlow scaffold-mcp instance running a vulnerable version (<= 1.0.27).
The attacker crafts a malicious request targeting the “write-to-file” tool.
The request includes a manipulated file_path argument containing path traversal sequences (e.g., “../”, “..\”).
The server-side application processes the request without proper sanitization or validation of the file_path argument.
The application attempts to write data to the attacker-controlled file path.
Due to the path traversal sequences, the data is written to an arbitrary location on the server’s file system.
The attacker may overwrite critical system files, inject malicious code, or exfiltrate sensitive data, depending on the write permissions and targeted file location.
Successful exploitation leads to arbitrary code execution, data compromise, or denial of service.

Impact

Successful exploitation of CVE-2026-7237 allows attackers to write arbitrary files to the affected system, potentially leading to code execution, data exfiltration, or denial of service. The number of affected installations is currently unknown. Due to the public availability of the exploit, organizations using AgiFlow scaffold-mcp are at immediate risk.

Recommendation

Upgrade AgiFlow scaffold-mcp to version 1.1.0 or later to remediate CVE-2026-7237, applying the patch identified by commit hash c4d23592ae5fb59cfeefc4641e6826f8ac89b9c6.
Implement input validation and sanitization on the file_path argument within the “write-to-file” tool to prevent path traversal attacks.
Deploy the Sigma rule “Detect AgiFlow Scaffold-mcp Path Traversal Attempt” to identify exploitation attempts in web server logs.
Monitor web server logs for suspicious requests containing path traversal sequences in the URI.

BrowserOperator Core Path Traversal Vulnerability (CVE-2026-7234)

hello@craftedsignal.io — Tue, 28 Apr 2026 07:16:04 +0000

A path traversal vulnerability has been identified in BrowserOperator browser-operator-core versions up to 0.6.0. The vulnerability, designated as CVE-2026-7234, resides in the startsWith function within the scripts/component_server/server.js file. By manipulating the request.url argument, an attacker can bypass path restrictions and potentially access sensitive files on the server. The vulnerability can be exploited remotely, and a proof-of-concept exploit is publicly available. The BrowserOperator project has been notified, but a patch has not yet been released. Successful exploitation could lead to information disclosure and unauthorized access to system resources.

Attack Chain

The attacker identifies a vulnerable BrowserOperator browser-operator-core instance running a version prior to 0.6.0.
The attacker crafts a malicious HTTP request targeting the component_server/server.js endpoint.
The crafted request includes a manipulated request.url argument designed to bypass the startsWith function’s intended path restrictions.
The startsWith function fails to properly sanitize or validate the request.url input.
The application uses the attacker-controlled request.url to construct a file path.
The application attempts to read a file based on the constructed path, traversing directories outside of the intended scope.
If successful, the contents of the targeted file are returned to the attacker in the HTTP response.

Impact

Successful exploitation of this vulnerability allows a remote attacker to read arbitrary files on the server hosting the BrowserOperator browser-operator-core application. This could lead to the disclosure of sensitive information, including configuration files, credentials, or source code. The lack of response from the project maintainers increases the risk of widespread exploitation, especially given the availability of a public exploit.

Recommendation

Inspect webserver logs for HTTP requests containing path traversal patterns in the URL targeting the component_server/server.js endpoint to detect potential exploitation attempts. Deploy the Sigma rule Detect BrowserOperator Path Traversal Attempt to identify suspicious requests.
Monitor web server logs for unusual file access patterns originating from the BrowserOperator application.
Consider using a web application firewall (WAF) to filter out malicious requests targeting the vulnerable endpoint, mitigating the risk of CVE-2026-7234.

Path Traversal Vulnerability in engineer-your-data

hello@craftedsignal.io — Tue, 28 Apr 2026 02:16:08 +0000

A path traversal vulnerability, identified as CVE-2026-7214, has been discovered in eghuzefa’s engineer-your-data, specifically affecting versions up to 0.1.3. This flaw resides within the read_file, write_file, list_files, and file_inf functions of the src/server.py file. Successful exploitation allows a remote attacker to bypass directory restrictions and access or modify files outside the intended WORKSPACE_PATH. The vulnerability’s ease of exploitation is increased by the public availability of exploit code. Although the project was notified through an issue report, no response or patch has been released to date. This poses a significant risk to systems running vulnerable versions of engineer-your-data, potentially leading to sensitive data exposure or unauthorized modifications.

Attack Chain

The attacker identifies a vulnerable instance of engineer-your-data running version 0.1.3 or earlier.
The attacker crafts a malicious request targeting the read_file, write_file, list_files, or file_inf endpoints.
The malicious request includes a manipulated WORKSPACE_PATH argument containing path traversal sequences (e.g., ../).
The src/server.py script processes the request without proper sanitization or validation of the WORKSPACE_PATH.
The application attempts to access a file system resource based on the attacker-controlled path.
Due to the path traversal, the application accesses a file or directory outside the intended WORKSPACE_PATH.
If the read_file function is targeted, the attacker retrieves the contents of an arbitrary file.
If the write_file function is targeted, the attacker can overwrite an arbitrary file.

Impact

Successful exploitation of this vulnerability allows a remote, unauthenticated attacker to read sensitive files on the server, potentially exposing credentials, configuration files, or other confidential data. Alternatively, an attacker could overwrite system files, leading to denial of service or arbitrary code execution. Given the public availability of exploit code, vulnerable systems are at high risk of compromise. The impact is amplified by the lack of a patch or response from the project maintainers.

Recommendation

Monitor web server logs for suspicious requests containing path traversal sequences (e.g., “../”) in the WORKSPACE_PATH parameter, as described in the attack chain. Deploy the Sigma rule Detect Engineer-Your-Data Path Traversal Attempt to identify malicious requests.
Apply input validation and sanitization to the WORKSPACE_PATH argument in src/server.py to prevent path traversal, addressing CVE-2026-7214.
Consider using a web application firewall (WAF) to block requests containing path traversal sequences.

edvardlindelof notes-mcp Path Traversal Vulnerability (CVE-2026-7212)

hello@craftedsignal.io — Tue, 28 Apr 2026 02:16:08 +0000

A path traversal vulnerability, identified as CVE-2026-7212, affects edvardlindelof notes-mcp version 0.1.4 and earlier. This flaw resides within the notes_mcp.py file, where manipulation of the root_dir/path argument allows unauthorized access to files and directories outside the intended scope. The vulnerability can be exploited remotely and a proof-of-concept exploit is publicly available, increasing the risk of widespread exploitation. The vendor was notified through an issue report but has not yet responded, making timely patching unlikely. Successful exploitation could lead to sensitive data exposure, potentially compromising the entire application and server.

Attack Chain

An attacker identifies an instance of notes-mcp running version 0.1.4 or earlier.
The attacker crafts a malicious HTTP request targeting the vulnerable endpoint in notes_mcp.py.
The crafted request includes a manipulated root_dir/path argument containing path traversal sequences (e.g., ../) to navigate outside the intended directory.
The application fails to properly sanitize or validate the root_dir/path argument.
The application uses the attacker-controlled path to access files or directories on the server’s file system.
The attacker retrieves sensitive data, such as configuration files, application source code, or user data, by reading arbitrary files on the server.
If write access is possible, the attacker may overwrite critical system files.
The attacker uses the exposed information to further compromise the system or gain unauthorized access to other resources.

Impact

Successful exploitation of this path traversal vulnerability can lead to unauthorized access to sensitive files and directories on the affected server. This could result in the disclosure of confidential data, such as user credentials, application source code, or internal configuration details. The vulnerability has a CVSS v3.1 score of 7.3 (HIGH), indicating a significant risk. The number of potential victims is unknown, but any system running the vulnerable version of notes-mcp is at risk. The project’s lack of response to the vulnerability report suggests that a patch may not be immediately available, increasing the window of opportunity for attackers.

Recommendation

Inspect web server access logs for suspicious requests containing path traversal sequences like ../ in the URI targeting notes_mcp.py to identify potential exploitation attempts (see Sigma rule Detect notes-mcp Path Traversal Attempt).
Deploy the provided Sigma rules to your SIEM to detect exploitation attempts targeting this vulnerability.
Monitor network traffic for unusual file access patterns originating from the affected server after potential exploitation.
Since a public exploit is available, prioritize patching or mitigating this vulnerability if you are using the affected software, paying close attention to changes in request patterns and ensuring awareness of CVE-2026-7212.

Duartium papers-mcp-server Path Traversal Vulnerability (CVE-2026-7205)

hello@craftedsignal.io — Tue, 28 Apr 2026 01:17:16 +0000

A path traversal vulnerability has been identified in duartium papers-mcp-server, specifically version 9ceb3812a6458ba7922ca24a7406f8807bc55598. The vulnerability resides within the search_papers function located in the src/main.py file. By manipulating the topic argument, a remote attacker can exploit this flaw to traverse the file system and potentially read sensitive files. This vulnerability, identified as CVE-2026-7205, is remotely exploitable and has a publicly available exploit, increasing the risk of widespread exploitation. The project maintainers were notified, but there has been no response or patch released, making immediate defensive measures critical for organizations using this software.

Attack Chain

The attacker identifies a vulnerable instance of duartium papers-mcp-server version 9ceb3812a6458ba7922ca24a7406f8807bc55598.
The attacker crafts a malicious HTTP request targeting the search_papers function.
Within the HTTP request, the attacker injects a path traversal payload into the topic argument, such as “../../etc/passwd”.
The server-side application, without proper sanitization, processes the malicious topic argument.
The application attempts to read the file specified by the attacker’s path traversal payload (e.g., /etc/passwd).
The server responds with the contents of the requested file, effectively leaking sensitive information to the attacker.
The attacker analyzes the leaked file for sensitive data, such as usernames, passwords, or configuration details.
The attacker uses the obtained information to further compromise the system or network.

Impact

Successful exploitation of this path traversal vulnerability allows attackers to read arbitrary files on the affected server. This could lead to the disclosure of sensitive configuration files, user credentials, or source code, potentially leading to further compromise, lateral movement within the network, and data breaches. The lack of a patch and the availability of a public exploit increases the likelihood of widespread exploitation and potential damage.

Recommendation

Deploy the Sigma rule provided in this brief to detect exploitation attempts against the search_papers endpoint, focusing on path traversal payloads in the topic parameter.
Implement input validation and sanitization on the topic parameter within the search_papers function to prevent path traversal attacks.
Monitor web server logs for suspicious requests containing path traversal sequences like “../” and “./” in the URI query to detect potential exploitation attempts.
Apply rate limiting to the search_papers endpoint to mitigate potential brute-force path traversal attempts.

Tenda i9 Path Traversal Vulnerability (CVE-2026-7036)

hello@craftedsignal.io — Sun, 26 Apr 2026 12:16:22 +0000

A path traversal vulnerability, identified as CVE-2026-7036, exists in Tenda i9 version 1.0.0.5(2204). Specifically, the vulnerability resides in the R7WebsSecurityHandlerfunction of the HTTP Handler component. This flaw allows a remote, unauthenticated attacker to potentially access sensitive files and directories on the affected device. The vulnerability was reported on 2026-04-26, and a public exploit is reportedly available, increasing the risk of exploitation. This poses a significant threat to organizations using the affected Tenda i9 router, as it could lead to unauthorized access to sensitive information or system compromise.

Attack Chain

An attacker identifies a Tenda i9 router running firmware version 1.0.0.5(2204) accessible over the network.
The attacker crafts a malicious HTTP request targeting the vulnerable R7WebsSecurityHandlerfunction.
The crafted request includes a path traversal sequence (e.g., “../”) within the URL or request parameters.
The Tenda i9 router processes the malicious request without proper sanitization of the path.
The R7WebsSecurityHandlerfunction incorrectly interprets the path traversal sequence, allowing access to files or directories outside the intended web root.
The attacker gains unauthorized access to sensitive files, such as configuration files or system logs.
The attacker may use the exposed information to further compromise the device or the network it is connected to.
The attacker could potentially modify system files or execute commands, leading to full device compromise.

Impact

Successful exploitation of CVE-2026-7036 can lead to unauthorized access to sensitive files on the Tenda i9 router. This includes configuration files containing credentials, system logs, or other confidential data. An attacker could leverage this access to gain further control of the device, potentially leading to a complete system compromise. While the number of affected devices is currently unknown, given the widespread use of Tenda routers, the potential impact could be significant.

Recommendation

Deploy the provided Sigma rule to detect HTTP requests containing path traversal sequences targeting web servers to detect exploitation attempts (Sigma rule: “Detect Tenda i9 Path Traversal Attempt”).
Since the source mentions a public exploit exists, prioritize patching or replacing vulnerable Tenda i9 routers to remediate CVE-2026-7036 immediately, if a patch becomes available.
Monitor web server logs for unusual file access patterns or requests containing suspicious path traversal sequences.
Implement web application firewall (WAF) rules to block requests containing path traversal sequences.

Radare2 Path Traversal Vulnerability in Project Deletion

hello@craftedsignal.io — Thu, 23 Apr 2026 21:16:06 +0000

Radare2, a reverse engineering framework, is susceptible to a path traversal vulnerability (CVE-2026-6940) affecting versions prior to 6.1.4. This flaw allows a local attacker to delete arbitrary directories outside of the intended project storage location. By crafting project marker files with absolute paths that escape the configured dir.projects root directory, an attacker can trick the radare2 process into recursively deleting directories they should not have access to. This vulnerability poses a significant risk to system integrity and availability, as attackers can potentially delete critical system files or data. This vulnerability was published on 2026-04-23 and could be exploited immediately.

Attack Chain

Attacker gains local access to a system with radare2 installed.
Attacker identifies the location where radare2 stores project files (configured by dir.projects).
Attacker crafts a malicious radare2 project file containing an absolute path pointing outside the designated project directory. This path includes traversal sequences (e.g., ../) to escape the dir.projects root.
The attacker places the malicious project marker file in a location where radare2 will discover it (e.g. a default projects directory).
Attacker uses radare2’s project deletion functionality, specifying the malicious project for deletion.
Radare2, without proper validation of the project file path, recursively deletes the directory specified in the crafted path.
This deletion occurs with the permissions of the radare2 process, potentially allowing the attacker to delete files and directories they would normally not have access to.
The attacker achieves arbitrary directory deletion, leading to loss of system integrity and availability.

Impact

Successful exploitation of this vulnerability allows a local attacker to recursively delete arbitrary directories on the affected system. This can lead to significant data loss, system instability, and denial of service. The CVSS v3.1 base score for this vulnerability is 7.1, indicating a high level of severity. While no specific victim numbers or sector targeting have been disclosed, the potential impact on any system running a vulnerable version of radare2 is substantial.

Recommendation

Upgrade radare2 to version 6.1.4 or later to patch CVE-2026-6940.
Implement the process creation rule below to detect suspicious radare2 executions that could indicate exploitation attempts.
Consider limiting local user access to systems running radare2 to reduce the attack surface.

SiYuan Path Traversal via Double URL Encoding in `/export/` Endpoint

hello@craftedsignal.io — Wed, 22 Apr 2026 20:55:31 +0000

SiYuan is vulnerable to a path traversal vulnerability (CVE-2026-30869) due to a redundant url.PathUnescape() call within the serveExport() function. The vulnerability exists in versions prior to 3.6.5. This flaw allows an authenticated attacker, including low-privilege users with Publish/Reader roles, to bypass intended security restrictions and access sensitive files stored within the SiYuan workspace. The initial fix attempted with IsSensitivePath() proved insufficient as it did not address the core issue of double URL decoding. An attacker can exploit this vulnerability by using double URL encoded characters in a crafted HTTP request, allowing them to read arbitrary files such as the complete SQLite document database (siyuan.db), kernel logs, and other critical files.

Attack Chain

An authenticated attacker sends a GET request to the /export/ endpoint with a double URL encoded path, such as /export/%252e%252e/siyuan.db.
The Go HTTP server decodes the initial layer of URL encoding, transforming %25 into %, resulting in a path like /export/%2e%2e/siyuan.db.
The path cleaner does not recognize %2e%2e as directory traversal, so it passes through.
The serveExport() function then calls url.PathUnescape() on the path, decoding %2e%2e into ...
The filepath.Join() function concatenates the exportBaseDir with the now decoded path, e.g., /../siyuan.db.
The IsSensitivePath() check fails to block the request because it doesn’t account for the decoded path or specific database files in the temp/ directory.
The attacker successfully retrieves the contents of the siyuan.db file, which contains the complete document database.
The attacker repeats the process to access other sensitive files within the workspace, such as siyuan.log, blocktree.db, and asset_content.db.

Impact

Successful exploitation of this vulnerability allows an attacker to exfiltrate sensitive data, including the entire SQLite document database, potentially containing all user documents, attributes, and search indexes. The attacker can also access the kernel log, which may contain internal server paths, versions, configuration details, and error messages. This information disclosure could lead to further compromise of the system. While the number of victims is unknown, any SiYuan instance running a version prior to 3.6.5 is potentially vulnerable.

Recommendation

Upgrade SiYuan to version 3.6.5 or later to remediate the vulnerability.
Deploy the provided Sigma rule Detect SiYuan Path Traversal Attempt to detect attempts to exploit this vulnerability by monitoring for double URL encoded characters in requests to the /export/ endpoint.
Monitor web server logs for requests to the /export/ endpoint containing %252e%252e to identify potential exploitation attempts.
Consider implementing a more robust path validation mechanism within the serveExport() function that properly handles URL decoding and directory traversal attempts.

InstructLab Path Traversal Vulnerability (CVE-2026-6855)

hello@craftedsignal.io — Wed, 22 Apr 2026 13:16:22 +0000

CVE-2026-6855 describes a path traversal vulnerability found in InstructLab, a tool or platform that allows for interactive instruction or learning sessions. A local attacker can exploit this vulnerability by manipulating the logs_dir parameter within the chat session handler. This manipulation allows the attacker to bypass intended directory restrictions and gain the ability to create new directories and write files to arbitrary locations on the affected system. The vulnerability was…

WWBN AVideo Unauthenticated Path Traversal Vulnerability (CVE-2026-41058)

hello@craftedsignal.io — Wed, 22 Apr 2026 12:00:00 +0000

WWBN AVideo is an open-source video platform. Versions 29.0 and below are vulnerable to a path traversal vulnerability (CVE-2026-41058) due to an incomplete fix for the deleteDump parameter in the CloneSite functionality. This vulnerability allows unauthenticated attackers to delete arbitrary files on the server by injecting ../../ sequences into the GET request. The vulnerability was reported on April 21, 2026, and a fix is available in commit 3c729717c26f160014a5c86b0b6accdbd613e7b2. Successful exploitation allows attackers to potentially disrupt service, delete sensitive data, or escalate privileges depending on the file permissions.

Attack Chain

The attacker identifies an AVideo instance running version 29.0 or below.
The attacker crafts a malicious HTTP GET request targeting the CloneSite functionality.
The attacker injects a path traversal sequence (e.g., ../../) into the deleteDump parameter of the GET request.
The AVideo application fails to properly sanitize the deleteDump parameter.
The unlink() function is called with the attacker-controlled path, allowing deletion of arbitrary files.
The attacker uses the vulnerability to delete critical system files or configuration files.
The application or server becomes unstable or inoperable.

Impact

Successful exploitation of CVE-2026-41058 allows unauthenticated attackers to delete arbitrary files on the AVideo server. This can lead to denial of service, data loss, or potential privilege escalation if critical system files are deleted. The vulnerability affects all AVideo instances running version 29.0 or below, potentially impacting a large number of users and organizations relying on the platform.

Recommendation

Upgrade AVideo instances to a version containing the fix from commit 3c729717c26f160014a5c86b0b6accdbd613e7b2 to address CVE-2026-41058.
Deploy the Sigma rule Detect AVideo Path Traversal Attempt to identify exploitation attempts in web server logs.
Implement web application firewall (WAF) rules to block requests containing path traversal sequences in the deleteDump parameter.
Monitor web server logs for suspicious activity related to the CloneSite functionality and the deleteDump parameter.

Hermes WebUI Arbitrary File Deletion Vulnerability (CVE-2026-6832)

hello@craftedsignal.io — Wed, 22 Apr 2026 12:00:00 +0000

Hermes WebUI, a web-based user interface, contains an arbitrary file deletion vulnerability, tracked as CVE-2026-6832. The vulnerability resides in the /api/session/delete endpoint. An authenticated attacker can exploit this flaw by supplying a crafted session_id parameter containing an absolute path or path traversal sequences. This allows the attacker to bypass the intended SESSION_DIR boundary and delete arbitrary files on the server, provided the attacker has write access to those files. Versions prior to the patched version are affected. Successful exploitation leads to information integrity issues and potential denial of service.

Attack Chain

Attacker authenticates to Hermes WebUI using valid credentials.
Attacker crafts a malicious HTTP POST request to the /api/session/delete endpoint.
The request includes a session_id parameter with a path traversal payload (e.g., ../../../../etc/passwd) or an absolute path to a target file.
The Hermes WebUI application fails to properly validate the session_id parameter.
The application constructs a file path using the unvalidated session_id, allowing it to escape the intended SESSION_DIR.
The application attempts to delete the file specified by the attacker-controlled path.
If the attacker has sufficient privileges, the target file is successfully deleted from the file system.
The deletion of critical system or application files leads to a denial-of-service condition or other system instability.

Impact

Successful exploitation of CVE-2026-6832 allows authenticated attackers to delete arbitrary files on the system running Hermes WebUI. This can lead to data loss, application malfunction, or even complete system compromise if critical system files are deleted. The vulnerability affects all deployments of Hermes WebUI prior to the patched version, potentially impacting numerous organizations using the vulnerable software. While the exact number of victims is unknown, the severity of the vulnerability is high due to the potential for significant damage and disruption.

Recommendation

Upgrade Hermes WebUI to version v0.50.132 or later, where the vulnerability is patched, as referenced in the advisory.
Implement strict input validation on the session_id parameter in the /api/session/delete endpoint to prevent path traversal attacks.
Deploy the provided Sigma rule to detect malicious requests to the /api/session/delete endpoint containing path traversal sequences.
Monitor web server logs for HTTP requests to /api/session/delete with suspicious session_id values.

CrowdStrike LogScale Unauthenticated Path Traversal Vulnerability (CVE-2026-40050)

hello@craftedsignal.io — Wed, 22 Apr 2026 12:00:00 +0000

CrowdStrike has disclosed CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting specific versions of LogScale. This vulnerability allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability resides in a specific cluster API endpoint. CrowdStrike mitigated the vulnerability for LogScale SaaS customers on April 7, 2026, by deploying network-layer blocks. CrowdStrike self-hosted LogScale customers are urged to upgrade to a patched version immediately to remediate the vulnerability. The vulnerability was identified through CrowdStrike’s internal product testing. Next-Gen SIEM customers are not affected.

Attack Chain

Attacker identifies a vulnerable LogScale instance with the exposed cluster API endpoint.
Attacker crafts a malicious HTTP request containing a path traversal payload targeting the vulnerable API endpoint.
The crafted request bypasses authentication checks due to the vulnerability.
LogScale server processes the request and attempts to access the file specified in the path traversal payload.
Due to the missing input validation, the server accesses files outside the intended directory.
The server reads the contents of the targeted file from the filesystem.
The file content is included in the HTTP response sent back to the attacker.
Attacker obtains sensitive information from the server’s filesystem, such as configuration files, credentials, or internal data.

Impact

Successful exploitation of CVE-2026-40050 allows an unauthenticated remote attacker to read arbitrary files on the LogScale server. This could lead to the exposure of sensitive data, including configuration files, credentials, and internal application data. The vulnerability affects self-hosted LogScale customers who have not applied the necessary security updates. The impact could be severe, potentially leading to data breaches or unauthorized access to the system.

Recommendation

Upgrade self-hosted LogScale instances to the latest patched version to remediate CVE-2026-40050 immediately.
Monitor web server logs for suspicious requests containing path traversal patterns targeting LogScale’s API endpoints to detect potential exploitation attempts (see rule: “Detect LogScale Path Traversal Attempts”).
Deploy network-layer blocks to restrict access to the vulnerable API endpoint if immediate patching is not feasible.
Review access controls and network segmentation to limit the impact of potential future vulnerabilities.
Enable webserver logging to capture cs-uri-query, cs-uri-stem, and cs-method to improve visibility and incident response.

JetBrains TeamCity Authentication Bypass and Path Traversal Vulnerabilities

hello@craftedsignal.io — Wed, 22 Apr 2026 10:00:00 +0000

JetBrains TeamCity, a CI/CD software platform, is vulnerable to CVE-2024-27198, an authentication bypass, and CVE-2024-27199, a path traversal vulnerability. These flaws affect TeamCity versions prior to 2023.11.4. Initially, there was no observed active exploitation. However, by March 7, 2024, widespread exploitation was detected following the public availability of proof-of-concept code. Attackers are actively exploiting these vulnerabilities to create new user accounts on publicly exposed, unpatched TeamCity instances. A substantial number of compromised servers are utilized as production machines for software building and deployment. These attacks have the potential to lead to supply-chain compromises by exposing sensitive information. CISA added CVE-2024-27199 to its Known Exploited Vulnerabilities catalog on April 20, 2026.

Attack Chain

The attacker sends a crafted HTTP request to a vulnerable TeamCity server, exploiting CVE-2024-27198 to bypass authentication.
Once authenticated (or bypassing authentication), the attacker leverages CVE-2024-27199, a path traversal vulnerability, to access sensitive files and directories on the server.
The attacker reads configuration files containing credentials for other systems and services.
The attacker creates new administrative user accounts on the TeamCity server to ensure persistent access.
The attacker modifies build configurations to inject malicious code into software builds.
The attacker compromises the software supply chain by injecting malicious code into build artifacts.
The attacker uses stolen credentials to access deployment environments and deploy compromised builds.

Impact

Successful exploitation allows attackers to perform administrative actions on affected TeamCity servers, leading to a compromise of confidentiality, integrity, and availability of data and infrastructure. The compromise of TeamCity servers used for software building and deployment can result in supply-chain attacks, as these servers often contain sensitive information, such as credentials for deployment environments. A substantial portion of compromised TeamCity servers are utilized as production machines for software building and deployment processes, increasing the scope and impact of potential supply chain attacks.

Recommendation

Immediately patch all JetBrains TeamCity servers to version 2023.11.4 or later to remediate CVE-2024-27198 and CVE-2024-27199 (Reference: https://www.jetbrains.com/privacy-security/issues-fixed/).
Deploy the Sigma rule “Detect TeamCity Authentication Bypass Attempt” to your SIEM to detect exploitation attempts of CVE-2024-27198.
Enable web server logging and increase monitoring to detect suspicious activity related to path traversal attempts indicative of CVE-2024-27199 exploitation.
Monitor for the creation of new user accounts within TeamCity, especially administrative accounts, which could indicate successful exploitation.

Apktool Path Traversal Vulnerability (CVE-2026-39973)

hello@craftedsignal.io — Tue, 21 Apr 2026 02:16:07 +0000

Apktool, a tool used for reverse engineering Android APK files, is vulnerable to a path traversal issue in versions 3.0.0 and 3.0.1 (CVE-2026-39973). This vulnerability resides within the brut/androlib/res/decoder/ResFileDecoder.java component. A maliciously crafted APK can exploit this flaw during standard decoding (apktool d) to write arbitrary files to the filesystem. The vulnerability is a security regression introduced by commit e10a045 (PR #4041, December 12, 2025), which inadvertently removed the BrutIO.sanitizePath() call, a crucial safeguard against path traversal attacks. By embedding ../ sequences in the resources.arsc Type String Pool, attackers can bypass directory restrictions and write files to sensitive locations, such as ~/.ssh/config, ~/.bashrc, or Windows Startup folders, ultimately enabling remote code execution. Apktool version 3.0.2 addresses this vulnerability by reintroducing the BrutIO.sanitizePath() function in ResFileDecoder.java, effectively mitigating the path traversal risk.

Attack Chain

An attacker crafts a malicious Android APK file.
The attacker embeds ../ sequences within the resources.arsc Type String Pool of the APK.
A user attempts to decode the malicious APK file using a vulnerable version of Apktool (3.0.0 or 3.0.1) via the command apktool d malicious.apk.
During the decoding process, the ResFileDecoder.java component processes the resources.arsc file.
Due to the missing BrutIO.sanitizePath() call, the ../ sequences are not sanitized, allowing path traversal.
Apktool attempts to write a resource file to a location outside the intended output directory.
The resource file is written to an arbitrary location on the filesystem, potentially overwriting critical system files (e.g., ~/.bashrc, ~/.ssh/config).
If a file like ~/.bashrc is overwritten, subsequent shell sessions execute malicious code, achieving remote code execution. If a Windows Startup folder is targeted, the code executes on the next reboot.

Impact

Successful exploitation of this vulnerability allows attackers to write arbitrary files to the filesystem of the machine running Apktool. This can lead to various malicious outcomes, including remote code execution, privilege escalation, and data exfiltration. The impact is particularly severe if Apktool is run with elevated privileges or if sensitive files are overwritten. While specific victim numbers are not available, developers and security researchers who rely on Apktool for APK analysis are at risk.

Recommendation

Upgrade to Apktool version 3.0.2 or later to remediate CVE-2026-39973.
Implement file integrity monitoring on sensitive files like ~/.bashrc and ~/.ssh/config to detect unauthorized modifications.
Enable process monitoring to detect the execution of apktool d with suspicious arguments, particularly targeting unexpected output directories.
Deploy the Sigma rule “Detect Apktool Path Traversal Attempt” to identify potential exploitation attempts based on command-line arguments.

ThreatSonar Anti-Ransomware Arbitrary File Deletion Vulnerability

hello@craftedsignal.io — Mon, 20 Apr 2026 08:16:11 +0000

CVE-2026-5966 describes an arbitrary file deletion vulnerability in TeamT5’s ThreatSonar Anti-Ransomware. The vulnerability allows authenticated remote attackers with web access to exploit a path traversal flaw. This means that an attacker who already has valid credentials to access the web interface of ThreatSonar Anti-Ransomware can craft malicious requests to delete files that the application user has access to, regardless of their intended purpose or location. The CVSS v3.1 score is 8.1, indicating a high severity. The vulnerable software is ThreatSonar Anti-Ransomware from TeamT5.

Attack Chain

An attacker gains valid credentials to the ThreatSonar Anti-Ransomware web interface, likely through credential stuffing or phishing.
The attacker authenticates to the ThreatSonar Anti-Ransomware web application.
The attacker identifies an endpoint within the web application that handles file operations (e.g., backup, restore, quarantine).
The attacker crafts a malicious HTTP request to this endpoint containing a path traversal payload in a filename or filepath parameter (e.g., ../../../../windows/system32/drivers/etc/hosts).
The web application processes the request without proper sanitization or validation of the file path.
The application attempts to delete the file specified by the attacker-controlled path.
If the application user has sufficient privileges, the arbitrary file is deleted from the system.

Impact

Successful exploitation of this vulnerability allows authenticated attackers to delete arbitrary files on the system where ThreatSonar Anti-Ransomware is installed. This could lead to denial of service by deleting critical system files, data loss by deleting important data files, or potentially escalate privileges by deleting files used in privilege escalation techniques.

Recommendation

Apply the patch or upgrade to the latest version of ThreatSonar Anti-Ransomware as provided by TeamT5 to address CVE-2026-5966.
Implement input validation and sanitization on all file path parameters within the ThreatSonar Anti-Ransomware web application to prevent path traversal attacks.
Monitor web server logs for suspicious requests containing path traversal sequences (e.g., ../, ..\\) in file-related parameters to detect potential exploitation attempts. Deploy the Sigma rule for webserver logs.
Implement principle of least privilege and regularly audit user permissions in ThreatSonar Anti-Ransomware.

KodExplorer Path Traversal Vulnerability (CVE-2026-6568)

hello@craftedsignal.io — Sun, 19 Apr 2026 10:16:09 +0000

A path traversal vulnerability, identified as CVE-2026-6568, affects kodcloud KodExplorer up to version 4.52. The vulnerability resides within the share.class.php::initShareOld function in the /app/controller/share.class.php file, a part of the Public Share Handler component. An attacker can exploit this flaw by manipulating the path argument, leading to unauthorized access to files and directories outside of the intended share path. Public exploit code is available, increasing the risk of active exploitation. The vendor was notified, but has not responded.

Attack Chain

An attacker identifies a KodExplorer instance running version 4.52 or earlier.
The attacker crafts a malicious HTTP request targeting the /app/controller/share.class.php endpoint.
The request includes a manipulated path argument designed to traverse directories outside the intended share path (e.g., ../../../../etc/passwd).
The share.class.php::initShareOld function processes the request without proper sanitization of the path argument.
The application attempts to access the file specified by the attacker-controlled path.
If successful, the application reads and potentially displays the contents of the targeted file (e.g., /etc/passwd) to the attacker.
The attacker analyzes the retrieved information to gather sensitive data, such as usernames, system configurations, or database credentials.
The attacker leverages the compromised information to further compromise the system or gain access to other sensitive resources.

Impact

Successful exploitation of CVE-2026-6568 can allow an unauthenticated remote attacker to read arbitrary files on the KodExplorer server. This may lead to the disclosure of sensitive information such as configuration files, user credentials, or source code. The vulnerability poses a significant risk to organizations using affected versions of KodExplorer. The number of potential victims is unknown, but it is likely to affect any organization using the vulnerable software.

Recommendation

Apply input validation to the path parameter within the share.class.php::initShareOld function to prevent path traversal (reference CVE-2026-6568).
Deploy the Sigma rule “Detect KodExplorer Path Traversal Attempt” to identify malicious requests targeting the vulnerable endpoint.
Monitor web server logs for suspicious requests containing path traversal sequences (e.g., “../”, “..", “%2e%2e/”).
Block access to the malicious URLs listed in the IOC table at the network perimeter.

Firebird Path Traversal Vulnerability Leads to Code Execution (CVE-2026-40342)

hello@craftedsignal.io — Fri, 17 Apr 2026 20:16:35 +0000

Firebird, an open-source relational database management system, is vulnerable to a path traversal flaw (CVE-2026-40342) in versions prior to 5.0.4, 4.0.7, and 3.0.14. This vulnerability resides within the external engine plugin loader. The loader concatenates a user-supplied engine name into a filesystem path without proper sanitization, leaving it open to path traversal attacks. An authenticated user with CREATE FUNCTION privileges can craft a malicious ENGINE name containing path separators and .. components. This allows them to load an arbitrary shared library from anywhere on the filesystem. The library’s initialization code executes immediately upon loading, before Firebird can validate the module, effectively granting code execution under the security context of the server’s operating system account. Upgrading to versions 5.0.4, 4.0.7, or 3.0.14 resolves this issue.

Attack Chain

Attacker authenticates to the Firebird database server with an account possessing CREATE FUNCTION privileges.
Attacker crafts a malicious ENGINE name that includes path traversal sequences (e.g., ../../../../).
The attacker uses the crafted ENGINE name in a CREATE FUNCTION statement, specifying a path to an arbitrary shared library on the filesystem. For example, CREATE FUNCTION evil_func RETURNS INTEGER ENGINE '/path/to/evil/../../../../tmp/evil.so'.
The Firebird server’s plugin loader concatenates the provided ENGINE name into a filesystem path without proper validation.
The Firebird server attempts to load the shared library from the attacker-controlled path, effectively bypassing intended access controls.
The operating system loads the shared library into the Firebird server’s process.
The shared library’s initialization code executes immediately, granting the attacker arbitrary code execution within the context of the Firebird server process.
The attacker gains control of the Firebird server’s OS account, potentially leading to data exfiltration, system compromise, or denial of service.

Impact

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the Firebird server with the privileges of the operating system account running the Firebird service. This can lead to full system compromise, including data exfiltration, modification, or destruction. Given the high CVSS score of 9.9, this vulnerability poses a critical risk to organizations using vulnerable Firebird versions. The impact could range from complete database compromise to lateral movement within the network, depending on the privileges of the Firebird service account.

Recommendation

Upgrade Firebird servers to versions 5.0.4, 4.0.7, or 3.0.14 to patch CVE-2026-40342.
Monitor Firebird server logs for CREATE FUNCTION statements with suspicious ENGINE names containing path traversal sequences, and deploy the Sigma rule Detect Firebird Create Function Path Traversal to your SIEM.
Implement strict access controls to limit CREATE FUNCTION privileges to only authorized users, and enable audit logging on all Firebird database servers to monitor user activity.

ByteDance DeerFlow Path Traversal and Arbitrary File Write Vulnerability

hello@craftedsignal.io — Fri, 17 Apr 2026 17:17:09 +0000

ByteDance DeerFlow, a software of unknown purpose, prior to commit 2176b2b, is vulnerable to path traversal and arbitrary file write. The vulnerability lies within the bootstrap-mode custom-agent creation process, specifically due to insufficient validation of the agent name. This flaw allows attackers to bypass intended directory restrictions and write files to arbitrary locations on the system, provided they have the necessary filesystem permissions. The vulnerability was reported on April 17, 2026 and has been assigned CVE-2026-40518. Exploitation of this vulnerability could lead to privilege escalation and system compromise. Defenders should prioritize patching or mitigating this vulnerability to prevent unauthorized file modifications.

Attack Chain

Attacker gains low-privileged access to the DeerFlow application.
Attacker initiates the creation of a custom agent in bootstrap mode.
The attacker crafts a malicious agent name containing path traversal sequences (e.g., “../”, absolute paths).
The DeerFlow application fails to properly validate the agent name.
The application uses the attacker-supplied agent name to create directories.
The path traversal in the agent name allows the application to create directories outside the intended custom-agent directory.
The attacker uploads files as part of the custom agent creation.
The application writes these files to the attacker-controlled location, resulting in arbitrary file write.

Impact

Successful exploitation of this vulnerability allows attackers to write arbitrary files to the file system, potentially overwriting system files or planting malicious executables. This could lead to privilege escalation, arbitrary code execution, and complete system compromise. While the number of affected installations is unknown, any system running a vulnerable version of ByteDance DeerFlow is susceptible to this attack. The severity is compounded by the ease of exploitation, requiring only low-privileged access.

Recommendation

Apply the patch or upgrade to a version of ByteDance DeerFlow that includes commit 2176b2b to remediate the vulnerability referenced by CVE-2026-40518.
Implement the Sigma rule Detect Suspicious DeerFlow Agent Creation to detect exploitation attempts targeting CVE-2026-40518 by monitoring process creation events.
Monitor web server logs for unusual activity related to custom agent creation endpoints in DeerFlow to detect potential exploitation attempts.

OCaml opam Path Traversal Vulnerability (CVE-2026-41082)

hello@craftedsignal.io — Fri, 17 Apr 2026 12:00:00 +0000

OCaml opam, a package manager for OCaml, is susceptible to a path traversal vulnerability (CVE-2026-41082) in versions prior to 2.5.1. The vulnerability stems from insufficient validation of filepaths specified within the “.install” files used to define package installation procedures. Specifically, the “.install” field, which dictates the destination of installed files, permits the inclusion of “../” sequences. This oversight can be exploited by malicious package maintainers or compromised repositories to overwrite files outside the intended installation directory. This allows attackers to manipulate critical system files, potentially escalating privileges and compromising the entire system. The impact is significant for developers and systems relying on opam for package management, as it introduces a risk of arbitrary file modification and subsequent system compromise.

Attack Chain

An attacker crafts a malicious OCaml package containing a specially crafted “.install” file.
The malicious “.install” file contains a destination filepath that utilizes “../” sequences to traverse to parent directories.
A user unknowingly installs the malicious package using opam install .
Opam parses the “.install” file and executes the file installation instructions.
Due to the path traversal vulnerability, opam writes files to unintended locations outside of the intended package directory.
The attacker overwrites critical system files, such as configuration files or binaries.
The system is compromised as a result of the overwritten files, potentially leading to privilege escalation or arbitrary code execution.
The attacker gains control of the system.

Impact

Successful exploitation of this vulnerability can lead to arbitrary file overwrite, potentially resulting in privilege escalation, code execution, and complete system compromise. While the specific number of affected systems is unknown, any system utilizing OCaml opam versions before 2.5.1 is potentially vulnerable. This includes development environments, build servers, and production systems relying on OCaml packages installed through opam. A successful attack could lead to data loss, system instability, or unauthorized access to sensitive information.

Recommendation

Upgrade OCaml opam to version 2.5.1 or later to remediate CVE-2026-41082 (see references).
Deploy the Sigma rule Detect Opam Path Traversal in Install Files to detect attempts to exploit this vulnerability by monitoring for suspicious file paths during opam package installation.
Implement strict controls over the packages and repositories used by opam to prevent the installation of malicious or compromised packages.
Regularly audit the “.install” files of installed packages for suspicious path traversal sequences.

Multiple Critical Vulnerabilities in CISCO ISE Leading to Remote Code Execution

hello@craftedsignal.io — Fri, 17 Apr 2026 08:45:05 +0000

Cisco Identity Services Engine (ISE) versions 3.x.x (3.1.0 - 3.4.0, and 3.1.0 p1-p10, 3.2.0 p1-p7, 3.3 Patches 1-7, and 3.4 Patches 1-3) are vulnerable to three newly disclosed vulnerabilities that can lead to remote code execution. These vulnerabilities, CVE-2026-20186, CVE-2026-20147, and CVE-2026-20180, can be exploited by remote attackers with low privileges, such as having Read Only Admin credentials. Successful exploitation can result in service disruption, system takeover, and complete compromise of the ISE instance. The vulnerabilities involve command injection and path traversal due to insufficient validation of user-supplied input in HTTP request handling. There is currently no public proof-of-concept or proof-of-exploitation available.

Attack Chain

Attacker authenticates to CISCO ISE with low-privilege credentials (e.g., Read Only Admin).
Attacker crafts a malicious HTTP request targeting a vulnerable endpoint within the ISE web application.
The crafted request exploits CVE-2026-20186 by injecting commands to escalate privileges to root.
Alternatively, the attacker exploits CVE-2026-20147 by sending a crafted HTTP request to execute arbitrary commands on the underlying operating system.
As another option, the attacker leverages CVE-2026-20180 by exploiting insufficient validation of user-supplied input, leading to remote code execution.
The injected commands or executed code elevates the attacker’s privileges to root.
The attacker gains full control over the ISE system, enabling them to modify configurations, access sensitive data, or install malicious software.
In single-node ISE deployments, successful exploitation can lead to a denial-of-service condition, disrupting network authentication and authorization services.

Impact

Successful exploitation of these vulnerabilities allows attackers to gain complete control over the CISCO ISE system. This can lead to the compromise of sensitive network access policies, credentials, and other confidential information managed by ISE. The impact includes potential disruption of network services due to denial-of-service, unauthorized access to network resources, and the potential for lateral movement to other systems within the network. Given that ISE is a critical component for network access control, a successful attack can have widespread and severe consequences.

Recommendation

Immediately patch vulnerable CISCO ISE instances to the latest version to remediate CVE-2026-20186, CVE-2026-20147, and CVE-2026-20180 (Cisco Security Advisory).
Implement enhanced monitoring and detection capabilities to identify suspicious activity related to these vulnerabilities (CCB Recommendation).
Investigate and remediate any existing compromises by reviewing system logs and configurations for unauthorized changes (CCB Recommendation).

Unlimited Elements for Elementor WordPress Plugin Arbitrary File Read (CVE-2026-4659)

hello@craftedsignal.io — Fri, 17 Apr 2026 07:23:36 +0000

The Unlimited Elements for Elementor plugin, versions 2.0.6 and earlier, contains an arbitrary file read vulnerability (CVE-2026-4659). This vulnerability stems from inadequate sanitization of path traversal sequences within the URLtoRelative() and urlToPath() functions, particularly when combined with the ability to enable debug output. The URLtoRelative() function inadequately strips the base URL without properly sanitizing path traversal characters (../). Successful exploitation allows authenticated attackers with Author-level permissions or higher to access and read arbitrary local files on the WordPress host. This can include sensitive configuration files like wp-config.php, potentially exposing database credentials and other sensitive information.

Attack Chain

An attacker authenticates to the WordPress application with Author-level or higher privileges.
The attacker identifies the Repeater JSON/CSV URL parameter within the Unlimited Elements widget settings.
The attacker crafts a malicious URL containing path traversal sequences (e.g., http://site.com/../../../../etc/passwd) in the Repeater JSON/CSV URL parameter.
The crafted URL is passed to the URLtoRelative() function, which removes the base URL but fails to sanitize the path traversal sequences.
The resulting path (e.g., /../../../../etc/passwd) is concatenated with the base path by the application.
The cleanPath() function normalizes directory separators, but does not remove traversal components, leaving the path vulnerable.
The application resolves the path, leading to access of the targeted file (e.g., /etc/passwd).
The attacker retrieves the contents of the arbitrary file, such as wp-config.php, potentially extracting sensitive information.

Impact

Successful exploitation of this vulnerability allows attackers to read arbitrary files on the WordPress host. This can lead to the exposure of sensitive data, including database credentials, API keys, and other configuration settings stored in files like wp-config.php. The impact ranges from data leakage to potential full compromise of the WordPress installation and the underlying server, depending on the contents of the accessed files and the attacker’s subsequent actions. The number of potentially affected WordPress sites is substantial, given the popularity of the Elementor plugin.

Recommendation

Upgrade the Unlimited Elements for Elementor plugin to a version greater than 2.0.6 to patch CVE-2026-4659.
Monitor web server logs for HTTP requests containing path traversal sequences (../) in the URI, focusing on requests targeting WordPress plugins; use the provided Sigma rule to facilitate this detection.
Implement stricter input validation and sanitization for URL parameters within WordPress plugins, specifically when handling file paths, to prevent path traversal vulnerabilities.

Weblate Path Traversal Vulnerability in ZIP Download Feature (CVE-2026-34242)

hello@craftedsignal.io — Wed, 15 Apr 2026 19:16:35 +0000

Weblate, a web-based localization tool, has a path traversal vulnerability (CVE-2026-34242) affecting versions prior to 5.17. The vulnerability exists within the ZIP download feature, where the application fails to adequately verify downloaded files. This can allow an attacker to craft a malicious ZIP archive containing symbolic links that, when extracted by a user or the application itself, can lead to files outside of the intended repository being accessed. The vulnerability was reported and patched in version 5.17. Exploitation of this vulnerability requires a user to download and extract a maliciously crafted ZIP file.

Attack Chain

Attacker identifies a Weblate instance running a version prior to 5.17.
Attacker gains access to a translation project, either legitimately (e.g., as a translator) or illegitimately (e.g., via compromised credentials or another vulnerability).
Attacker crafts a malicious ZIP archive containing symbolic links that point to sensitive files or directories outside the intended Weblate repository (e.g., /etc/passwd, application configuration files).
Attacker uploads the malicious ZIP archive to the Weblate project, potentially disguised as a legitimate translation file.
A user (e.g., an administrator or another translator) downloads the ZIP archive using the ZIP download feature.
The user extracts the ZIP archive on their local machine or, if Weblate automatically processes the ZIP, on the server.
The symbolic links within the extracted archive are resolved, potentially allowing access to sensitive files or directories outside the Weblate repository.
Attacker gains unauthorized access to sensitive information, potentially leading to further compromise of the system.

Impact

Successful exploitation of this path traversal vulnerability (CVE-2026-34242) can allow an attacker to read arbitrary files on the server where Weblate is installed or on a user’s machine if the user downloads and extracts the crafted ZIP archive locally. This could lead to the exposure of sensitive information such as application configuration files, database credentials, or even system-level files, depending on the permissions of the user or the Weblate application. The severity is rated as HIGH with a CVSS v3.1 score of 7.7.

Recommendation

Upgrade Weblate to version 5.17 or later to patch CVE-2026-34242 (reference: Overview).
Implement file integrity monitoring on Weblate servers to detect unauthorized file access (reference: Attack Chain - step 7).
Deploy the Sigma rule to detect ZIP archive downloads containing suspicious filenames that might indicate path traversal attempts (reference: rules).
Educate users about the risks of downloading and extracting files from untrusted sources (reference: Overview).

Zarf Path Traversal Vulnerability via Malicious Package Metadata.Name

hello@craftedsignal.io — Wed, 15 Apr 2026 12:00:00 +0000

Zarf, a tool for air-gapped deployments, is susceptible to a path traversal vulnerability (CVE-2026-40090) affecting versions prior to v0.74.2. The vulnerability stems from inadequate sanitization of the Metadata.Name field within Zarf package manifests. When a user employs the zarf package inspect sbom or zarf package inspect documentation commands on an untrusted package, the tool constructs output file paths by concatenating a user-controlled output directory with the package’s Metadata.Name field. A malicious actor can craft a Zarf package with a manipulated Metadata.Name containing path traversal sequences (e.g., ../../), enabling arbitrary file write capabilities within the permissions of the user running the inspect command. This vulnerability allows attackers to write to locations they control, potentially leading to privilege escalation or system compromise.

Attack Chain

Attacker crafts a malicious Zarf package.
The attacker modifies the zarf.yaml manifest within the package to include a Metadata.Name field containing path traversal sequences (e.g., ../../../../tmp/evil).
The attacker repacks the Zarf package, recalculating checksums if necessary.
The attacker distributes the malicious Zarf package.
A victim user downloads the malicious Zarf package.
The victim executes zarf package inspect sbom --output-dir /tmp or zarf package inspect documentation --output-dir /tmp .
Zarf extracts the Metadata.Name from the zarf.yaml file.
Zarf constructs an output path by joining the user-specified output directory (/tmp) with the malicious Metadata.Name (../../../../tmp/evil), resulting in /tmp/../../../../tmp/evil. The tool attempts to write the SBOM or documentation data to this path, resulting in writing the file to /tmp/evil. This allows attackers to write files such as SSH authorized keys, cron jobs, or shell profiles.

Impact

Successful exploitation of this vulnerability allows an attacker to write arbitrary files to the file system, limited by the permissions of the user running the zarf package inspect command. This can lead to several critical consequences: privilege escalation by writing to authorized_keys files, arbitrary code execution by writing cron jobs, or persistent compromise by writing to shell profiles. This vulnerability affects users running the zarf package inspect sbom or zarf package inspect documentation command on untrusted packages. The affected packages are go/github.com/zarf-dev/zarf versions >= 0.23.0 and < 0.74.2.

Recommendation

Upgrade Zarf to version v0.74.2 or later to patch CVE-2026-40090.
Avoid inspecting unsigned Zarf packages as a workaround until the upgrade is complete, as mentioned in the advisory.
Deploy the Sigma rule “Detect Zarf Package Inspection with Path Traversal” to identify attempts to exploit this vulnerability via command-line arguments.
Monitor file creation events in sensitive directories (e.g., /home/$USER/.ssh, /etc/cron.d) for files created by the zarf binary using the “Detect Zarf Arbitrary File Write” Sigma rule.

Adobe ColdFusion Path Traversal Vulnerability (CVE-2026-34619)

hello@craftedsignal.io — Wed, 15 Apr 2026 12:00:00 +0000

CVE-2026-34619 describes a path traversal vulnerability affecting Adobe ColdFusion versions 2023.18, 2025.6, and earlier. Disclosed on April 14, 2026, this vulnerability allows an attacker to bypass intended security restrictions and gain access to sensitive files and directories on the ColdFusion server. The vulnerability exists due to improper limitation of pathnames, and successful exploitation requires no user interaction, making it particularly dangerous. This issue could lead to the exposure of configuration files, source code, or other sensitive data, potentially compromising the entire ColdFusion application and the server it resides on. Organizations using these versions of ColdFusion are vulnerable.

Attack Chain

The attacker identifies a ColdFusion server running a vulnerable version (2023.18, 2025.6, or earlier).
The attacker crafts a malicious HTTP request containing a path traversal sequence (e.g., “../”) in a URL parameter that is used to access files.
The ColdFusion server improperly processes the path, failing to adequately restrict access to files within the intended directory.
The attacker bypasses security restrictions and gains access to files or directories outside of the intended web root.
The attacker reads sensitive configuration files, such as database connection strings or API keys.
The attacker leverages exposed credentials to gain unauthorized access to databases or other systems.
The attacker modifies application code or uploads malicious files to further compromise the server.

Impact

Successful exploitation of CVE-2026-34619 can lead to a complete compromise of the ColdFusion server. An attacker could steal sensitive data, including customer information, proprietary source code, and database credentials. This could result in significant financial losses, reputational damage, and legal repercussions for affected organizations. The lack of required user interaction makes this vulnerability particularly dangerous, as an attacker can exploit it without any user awareness.

Recommendation

Upgrade to a patched version of Adobe ColdFusion as soon as possible. Refer to Adobe’s security bulletin APSB26-38 for the latest updates and instructions (https://helpx.adobe.com/security/products/coldfusion/apsb26-38.html).
Implement the Sigma rule “Detect ColdFusion Path Traversal Attempts” to detect exploitation attempts in web server logs.
Continuously monitor web server logs for suspicious URL patterns and path traversal attempts.

Fortinet FortiSandbox Path Traversal Vulnerability (CVE-2026-39813)

hello@craftedsignal.io — Tue, 14 Apr 2026 16:16:45 +0000

A path traversal vulnerability, identified as CVE-2026-39813, affects Fortinet FortiSandbox appliances. Specifically, versions 5.0.0 through 5.0.5 and 4.4.0 through 4.4.8 are susceptible. The vulnerability stems from insufficient path validation, potentially allowing an unauthenticated attacker to manipulate file paths and gain elevated privileges on the system. The specific attack vector is not detailed in the source document, but the use of ‘../filedir’ suggests the possibility of reading or writing arbitrary files. Successful exploitation could lead to complete system compromise, data exfiltration, or denial of service. Defenders should apply available patches or mitigations immediately.

Attack Chain

An unauthenticated attacker sends a crafted request to the FortiSandbox appliance.
The request targets a specific endpoint vulnerable to path traversal.
The attacker includes the “../filedir” sequence within a file path parameter.
The vulnerable application fails to properly sanitize the file path.
The attacker uses path traversal to access sensitive configuration files or system binaries.
By overwriting existing system files, the attacker escalates privileges.
The attacker executes arbitrary commands with elevated privileges.
The attacker gains full control of the FortiSandbox appliance, potentially allowing lateral movement to other systems.

Impact

Successful exploitation of CVE-2026-39813 allows an unauthenticated attacker to escalate privileges on the Fortinet FortiSandbox appliance. This could lead to complete system compromise, sensitive data exfiltration, or the deployment of malicious payloads. The lack of specific victim numbers or sectors targeted in the source data prevents further quantitative assessment. However, given the appliance’s role in network security, a successful attack could severely impact the security posture of organizations using the vulnerable FortiSandbox versions.

Recommendation

Upgrade Fortinet FortiSandbox to a patched version outside the vulnerable range (5.0.0-5.0.5 and 4.4.0-4.4.8) to remediate CVE-2026-39813.
Deploy the Sigma rule “Detect Fortinet FortiSandbox Path Traversal Attempt” to identify exploitation attempts in web server logs.
Monitor web server logs for suspicious requests containing “../filedir” patterns.
Investigate any alerts generated by the Sigma rules and review system logs for signs of unauthorized access or privilege escalation.

UniFi Play Path Traversal Vulnerability (CVE-2026-22562)

hello@craftedsignal.io — Tue, 14 Apr 2026 14:00:00 +0000

CVE-2026-22562 describes a critical path traversal vulnerability affecting UniFi Play PowerAmp (version 1.0.35 and earlier) and UniFi Play Audio Port (version 1.0.24 and earlier) devices. An attacker with access to the UniFi Play network can exploit this vulnerability to write arbitrary files on the file system. This capability can then be leveraged to achieve remote code execution (RCE) on the vulnerable device. Successful exploitation requires network access to the affected UniFi Play devices, making internal networks the primary target. The vulnerability was disclosed in April 2026. Defenders should prioritize patching vulnerable devices to prevent potential compromise.

Attack Chain

Attacker gains access to the UniFi Play network (e.g., via compromised credentials or network intrusion).
Attacker identifies a vulnerable UniFi Play device (PowerAmp <= 1.0.35 or Audio Port <= 1.0.24).
Attacker crafts a malicious HTTP request containing a path traversal sequence (e.g., “../../../”) in a file upload or download parameter.
The vulnerable device processes the request without proper sanitization, allowing the attacker to write a file to an arbitrary location on the file system.
Attacker writes a malicious script (e.g., a shell script or executable) to a location where it can be executed (e.g., a startup directory or cron job).
Attacker triggers the execution of the malicious script (e.g., by rebooting the device or waiting for the cron job to run).
The malicious script executes with the privileges of the UniFi Play device, granting the attacker remote code execution.
Attacker uses RCE to further compromise the device, pivot to other network assets, or establish persistence.

Impact

Successful exploitation of CVE-2026-22562 allows an attacker to gain complete control of the vulnerable UniFi Play device. This can lead to data exfiltration, device disruption, and further compromise of the network to which the device is connected. Given the potential for RCE, an attacker could potentially use compromised devices as entry points to other systems on the network, thus expanding their reach and increasing the overall impact of the attack. Organizations using affected UniFi Play devices are at high risk.

Recommendation

Immediately update UniFi Play PowerAmp to version 1.0.38 or later and UniFi Play Audio Port to version 1.1.9 or later to patch CVE-2026-22562 (see Overview).
Monitor network traffic for suspicious HTTP requests containing path traversal sequences targeting UniFi Play devices using the provided Sigma rule (Path Traversal in URI).
Implement network segmentation to limit the impact of a potential compromise of a UniFi Play device.
Review and harden access controls to the UniFi Play network to prevent unauthorized access by potential attackers.

Helm Plugin Path Traversal Vulnerability

hello@craftedsignal.io — Sat, 11 Apr 2026 12:00:00 +0000

Helm, a package manager for Kubernetes charts, is vulnerable to a path traversal issue. Specifically, Helm versions 4.0.0 through 4.1.3 are affected. A maliciously crafted Helm plugin, when installed or updated, can exploit this vulnerability (CVE-2026-35204) to write the plugin’s contents to arbitrary locations on the user’s filesystem. This can lead to overwriting critical system files or user data, potentially compromising the system’s integrity. Helm v4.1.4 resolves this vulnerability by rejecting plugins with non-SemVer versions containing path traversal patterns. Defenders should ensure Helm installations are updated to the patched version or implement workarounds to validate plugin metadata.

Attack Chain

An attacker crafts a malicious Helm plugin. This plugin contains a plugin.yaml file with a version field that includes POSIX dot-dot path separators (e.g., /../).
The attacker distributes the malicious plugin to potential victims, possibly through public repositories or direct spear phishing.
A victim attempts to install or update the Helm plugin using the helm plugin install or helm plugin update command.
Helm parses the plugin.yaml file and extracts the version field, which contains the path traversal characters.
Due to the vulnerability, Helm incorrectly resolves the file path, allowing the plugin’s contents to be written outside the intended plugin directory.
The malicious plugin overwrites arbitrary files on the user’s system based on the path specified in the version field.
Depending on the files overwritten, the attacker can achieve various malicious objectives, such as gaining persistence, escalating privileges, or executing arbitrary code.
The attacker achieves persistence by overwriting system startup scripts or configuration files, allowing the malicious code to run automatically on system reboot.

Impact

Successful exploitation of this vulnerability allows attackers to overwrite arbitrary files on the victim’s system. This can lead to various detrimental outcomes, including data loss, system instability, privilege escalation, and ultimately, complete system compromise. While the specific number of victims is unknown, any user running a vulnerable version of Helm (4.0.0 - 4.1.3) is at risk. The potential impact includes compromising Kubernetes deployments and sensitive data stored on affected systems.

Recommendation

Upgrade Helm to version 4.1.4 or later to remediate CVE-2026-35204, as this version includes a patch that prevents path traversal during plugin installation.
Implement a validation step before installing or updating Helm plugins, checking the plugin.yaml file for a version: field containing POSIX dot-dot path separators. This mitigates the risk described in the workaround section of the advisory.
Deploy the Sigma rule “Helm Plugin Install with Path Traversal” to detect attempts to install plugins with malicious version fields, using file_event logs.

Chamilo LMS Path Traversal Vulnerability (CVE-2026-31939)

hello@craftedsignal.io — Sat, 11 Apr 2026 12:00:00 +0000

Chamilo LMS, a learning management system, is vulnerable to a path traversal vulnerability (CVE-2026-31939) affecting versions prior to 1.11.38. This vulnerability resides in the main/exercise/savescores.php script. The vulnerability arises because the application directly concatenates user-supplied input from the $_REQUEST['test'] parameter into a filesystem path without proper sanitization, canonicalization, or traversal checks. This allows an attacker to manipulate the path and potentially delete arbitrary files on the server. Successful exploitation requires an authenticated user with access to the vulnerable functionality. Organizations using affected versions of Chamilo LMS are at risk of data loss and potential system compromise.

Attack Chain

An authenticated user accesses the main/exercise/savescores.php script within the Chamilo LMS application.
The application retrieves the value of the test parameter from the $_REQUEST array.
The application concatenates this user-supplied value directly into a file system path without proper sanitization or validation.
The application then attempts to delete the file specified by the constructed path using a function such as unlink().
An attacker crafts a malicious test parameter containing path traversal sequences (e.g., ../../) to navigate outside the intended directory.
The application, without proper checks, uses the manipulated path to delete a file outside of the designated exercise directory.
The attacker successfully deletes arbitrary files on the server, potentially including sensitive configuration files or other critical data.

Impact

Successful exploitation of CVE-2026-31939 allows an attacker to delete arbitrary files on the Chamilo LMS server. This can lead to data loss, system instability, and potential compromise of the entire system. The CVSS v3.1 score of 8.3 (HIGH) reflects the potential for significant impact, with confidentiality, integrity, and availability all being affected. The number of victims depends on the deployment size and user base of the affected Chamilo LMS instances.

Recommendation

Upgrade Chamilo LMS to version 1.11.38 or later to patch CVE-2026-31939, as indicated in the advisory https://github.com/chamilo/chamilo-lms/releases/tag/v1.11.38.
Implement input validation and sanitization on all user-supplied input, especially the test parameter in main/exercise/savescores.php, to prevent path traversal attacks.
Monitor web server logs for suspicious requests to main/exercise/savescores.php containing path traversal sequences (e.g., ../, ..\\), using the provided Sigma rule as a guide.
Implement file system access controls to limit the permissions of the web server process to only the necessary directories.

OpenClaw Path Traversal Vulnerability (CVE-2026-35668)

hello@craftedsignal.io — Fri, 10 Apr 2026 17:17:09 +0000

OpenClaw versions prior to 2026.3.24 are susceptible to a path traversal vulnerability (CVE-2026-35668) that compromises sandbox enforcement. This flaw allows a sandboxed agent to read arbitrary files from another agent’s workspace by exploiting weaknesses in the handling of mediaUrl and fileUrl parameters. The vulnerability stems from incomplete parameter validation within the normalizeSandboxMediaParams function and the absence of mediaLocalRoots context, which enables attackers to bypass intended sandbox restrictions and access sensitive data, such as API keys and configuration files, located outside the agent’s designated sandbox root. Successful exploitation allows unauthorized data access, potentially leading to lateral movement or data exfiltration.

Attack Chain

An attacker identifies an OpenClaw instance running a version prior to 2026.3.24.
The attacker crafts a malicious request containing either a mediaUrl or fileUrl parameter.
The crafted URL includes path traversal sequences (e.g., ../) designed to navigate outside the intended sandbox directory.
The normalizeSandboxMediaParams function processes the URL but fails to adequately sanitize or normalize the path, due to insufficient validation.
The lack of proper mediaLocalRoots context during path resolution further contributes to the bypass.
The application attempts to access the file specified by the manipulated URL.
Due to the path traversal vulnerability, the application reads a file outside the intended sandbox root, potentially revealing sensitive information like API keys.
The attacker retrieves the contents of the targeted file, completing the unauthorized access.

Impact

Successful exploitation of CVE-2026-35668 can lead to the disclosure of sensitive information, including API keys and configuration data, stored within other agents’ workspaces. This unauthorized access can enable attackers to perform lateral movement, escalate privileges, or exfiltrate valuable data. While specific victim counts are unavailable, any OpenClaw deployment running a vulnerable version is at risk. The impact is heightened in environments where OpenClaw agents handle sensitive data or manage critical infrastructure.

Recommendation

Upgrade OpenClaw to version 2026.3.24 or later to remediate CVE-2026-35668 and address the underlying path traversal vulnerability.
Implement input validation and sanitization for all URL parameters, especially those related to file or media access, to prevent path traversal attacks.
Apply the provided Sigma rule to detect suspicious requests containing path traversal sequences in mediaUrl or fileUrl parameters within web server logs.
Review and strengthen sandbox configurations to ensure proper isolation between OpenClaw agents and restrict access to sensitive files.

Perfmatters WordPress Plugin Arbitrary File Overwrite Vulnerability (CVE-2026-4351)

hello@craftedsignal.io — Fri, 10 Apr 2026 02:37:36 +0000

The Perfmatters plugin for WordPress, in versions up to and including 2.5.9, is vulnerable to an arbitrary file overwrite vulnerability (CVE-2026-4351). This vulnerability stems from the PMCS::action_handler() method’s processing of bulk activate/deactivate actions without proper authorization checks or nonce verification. The unsanitized $_GET['snippets'][] values are then passed to Snippet::activate()/Snippet::deactivate(), which subsequently call Snippet::update() and file_put_contents() with a traversed path. An authenticated attacker with subscriber-level privileges can exploit this flaw to overwrite arbitrary files on the server with a fixed PHP docblock, leading to a potential denial-of-service condition by corrupting critical files such as .htaccess or index.php. This vulnerability allows low-privileged users to gain elevated privileges on the system.

Attack Chain

Attacker authenticates to the WordPress site with subscriber-level access.
Attacker crafts a malicious HTTP GET request targeting the WordPress installation.
The GET request includes the pmcs_action parameter set to bulk_activate or bulk_deactivate.
The GET request includes the snippets[] parameter containing a path traversal payload, such as ../../../.htaccess.
The PMCS::action_handler() function processes the request without proper authorization or nonce validation.
The Snippet::activate() or Snippet::deactivate() functions are called, leading to Snippet::update().
Snippet::update() then calls file_put_contents() with the attacker-controlled path.
The attacker overwrites the targeted file (e.g., .htaccess, index.php) with a fixed PHP docblock, leading to a denial of service or further compromise.

Impact

Successful exploitation allows an attacker to overwrite arbitrary files on the WordPress server. Overwriting critical files like .htaccess or index.php can result in a denial-of-service condition, rendering the website unavailable. In some cases, this could be leveraged for further compromise by injecting malicious code into other PHP files or modifying server configurations. The vulnerability affects all installations using the Perfmatters plugin version 2.5.9 or earlier.

Recommendation

Immediately update the Perfmatters plugin to the latest version to patch CVE-2026-4351.
Deploy the Sigma rule Detect Perfmatters Arbitrary File Overwrite Attempt to monitor for exploitation attempts targeting this vulnerability via HTTP GET requests.
Monitor web server logs for suspicious GET requests containing pmcs_action=bulk_activate or pmcs_action=bulk_deactivate and path traversal sequences within the snippets[] parameter.
Implement strict file permission controls to limit the impact of potential file overwrite vulnerabilities.

AGiXT Path Traversal Vulnerability (CVE-2026-39981)

hello@craftedsignal.io — Thu, 09 Apr 2026 18:17:02 +0000

AGiXT, a dynamic AI Agent Automation Platform, contains a critical vulnerability (CVE-2026-39981) affecting versions prior to 1.9.2. The vulnerability lies in the safe_join() function within the essential_abilities extension. This function fails to adequately validate file paths, creating an opportunity for authenticated attackers to perform directory traversal attacks. By exploiting this flaw, an attacker can manipulate file paths to access files outside the designated agent workspace, resulting in arbitrary file read, write, or deletion capabilities on the server hosting the AGiXT instance. This issue was addressed and resolved in AGiXT version 1.9.2. This vulnerability could allow an attacker to gain complete control over the AGiXT server.

Attack Chain

The attacker authenticates to the AGiXT application.
The attacker crafts a malicious request targeting the safe_join() function within the essential_abilities extension.
The malicious request includes directory traversal sequences (e.g., ../) to navigate outside the intended agent workspace.
The safe_join() function fails to properly sanitize the input, allowing the traversal sequences to take effect.
The attacker gains the ability to read arbitrary files on the server using the path traversal.
The attacker exploits the ability to write to arbitrary files to inject malicious code or overwrite existing system files.
The attacker leverages the write access to establish persistence, potentially by modifying system startup scripts or scheduled tasks.
The attacker achieves arbitrary code execution on the server hosting the AGiXT instance, potentially leading to complete system compromise.

Impact

Successful exploitation of CVE-2026-39981 can lead to complete compromise of the AGiXT server. An attacker could gain unauthorized access to sensitive data, modify system configurations, install malware, or disrupt services. This vulnerability has a CVSS v3.1 score of 8.8, indicating a high severity. The impact could be significant for organizations relying on AGiXT for critical operations, potentially leading to data breaches, financial losses, and reputational damage. The number of victims and specific sectors targeted are currently unknown.

Recommendation

Upgrade AGiXT to version 1.9.2 or later to remediate CVE-2026-39981 (references: https://github.com/Josh-XT/AGiXT/releases/tag/v1.9.2).
Implement input validation and sanitization measures to prevent directory traversal attacks.
Monitor AGiXT application logs for suspicious file access attempts and path manipulation sequences.
Deploy the Sigma rules below to your SIEM to detect potential exploitation attempts targeting CVE-2026-39981.

Sleuth Kit Path Traversal Vulnerability (CVE-2026-40024)

hello@craftedsignal.io — Wed, 08 Apr 2026 22:16:22 +0000

The Sleuth Kit, a collection of command-line tools for forensic analysis of disk images, is susceptible to a path traversal vulnerability (CVE-2026-40024) affecting versions up to 4.14.0. This vulnerability resides within the tsk_recover utility, which is designed to recover files from disk images. An attacker can exploit this flaw by crafting a malicious filesystem image containing filenames or directory paths with path traversal sequences (e.g., ../). When tsk_recover processes this image, it can be tricked into writing files to arbitrary locations outside the intended recovery directory. Successful exploitation allows attackers to overwrite critical system files, such as shell configuration files or cron entries, ultimately leading to code execution with elevated privileges. This vulnerability poses a significant risk to systems utilizing The Sleuth Kit for forensic investigations.

Attack Chain

Attacker crafts a malicious filesystem image. This image contains filenames or directory paths embedded with path traversal sequences like ../.
The attacker, or a user under their control, invokes the tsk_recover utility on a vulnerable system, specifying the malicious filesystem image as input.
tsk_recover parses the filesystem image and encounters the crafted filenames with path traversal sequences.
Due to the vulnerability, tsk_recover incorrectly resolves the file paths, allowing the write operation to escape the intended recovery directory.
The utility writes a file to an arbitrary location on the file system. This location is determined by the attacker-controlled path traversal sequences.
The attacker strategically targets critical system files for overwriting, such as shell configuration files (.bashrc, .bash_profile) or cron entries (/etc/cron.d/).
Upon the next user login or scheduled cron job execution, the attacker’s malicious code embedded in the overwritten files is executed.
The attacker achieves code execution, potentially gaining persistence or escalating privileges on the compromised system.

Impact

Successful exploitation of this vulnerability allows an attacker to write arbitrary files to the target system, potentially leading to code execution. By overwriting shell configuration files or cron entries, attackers can gain persistence and escalate their privileges, effectively taking control of the system. While the specific number of victims is unknown, any system utilizing a vulnerable version of The Sleuth Kit for disk image analysis is at risk. The impact could range from data theft to complete system compromise, depending on the attacker’s objectives and the level of access gained.

Recommendation

Upgrade The Sleuth Kit to a version beyond 4.14.0 to patch CVE-2026-40024 and eliminate the path traversal vulnerability.
Monitor process execution for instances of tsk_recover writing files outside the intended recovery directory using the Sigma rule Detect Sleuth Kit Path Traversal.
Implement file integrity monitoring for critical system files (e.g., .bashrc, .bash_profile, /etc/cron.d/*) to detect unauthorized modifications resulting from exploitation of CVE-2026-40024.

Logstash Arbitrary File Write via Path Traversal (CVE-2026-33466)

hello@craftedsignal.io — Wed, 08 Apr 2026 18:26:00 +0000

CVE-2026-33466 exposes a critical vulnerability in Logstash, stemming from improper validation of file paths within compressed archives. This flaw, classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), can be exploited by an attacker to achieve arbitrary file writes on the host system. The attack vector involves serving a specially crafted archive to Logstash, typically through a compromised or attacker-controlled update endpoint. This malicious archive contains file paths designed to traverse directories, allowing the attacker to write files outside of the intended Logstash directories with the privileges of the Logstash process. If Logstash is configured with automatic pipeline reloading, this arbitrary file write can be leveraged to execute arbitrary code, effectively achieving remote code execution (RCE).

Attack Chain

Attacker identifies a Logstash instance with a vulnerable version of the archive extraction utility and a potential attack vector via update endpoints.
Attacker crafts a malicious compressed archive containing files with relative path traversal sequences in their filenames (e.g., “../../path/to/malicious/file.conf”).
Attacker compromises or controls an update endpoint used by Logstash to retrieve updates, such as pipeline configurations or plugins.
Logstash retrieves the malicious archive from the compromised update endpoint.
Logstash extracts the contents of the archive using a vulnerable archive extraction utility.
Due to insufficient path validation, the utility writes the files to arbitrary locations on the filesystem, overwriting existing files or creating new ones. A common target could be Logstash’s configuration directory.
If automatic pipeline reloading is enabled, Logstash detects the modified configuration file and reloads the pipeline.
The malicious configuration file contains embedded code that executes arbitrary commands on the system with the privileges of the Logstash process, achieving remote code execution.

Impact

Successful exploitation of CVE-2026-33466 can lead to complete compromise of the Logstash server. An attacker can gain arbitrary code execution, allowing them to install malware, steal sensitive data, or disrupt services. The CVSS v3.1 base score of 8.1 reflects the high potential for damage. While the number of potential victims and targeted sectors are unknown, any organization using a vulnerable Logstash instance is at risk.

Recommendation

Apply the patch or upgrade to a version of Logstash that addresses CVE-2026-33466 as soon as it becomes available.
Implement strict input validation on any update endpoints used by Logstash to prevent the delivery of malicious archives.
Disable automatic pipeline reloading in Logstash if possible, or implement controls to verify the integrity of pipeline configurations before reloading.
Deploy the Sigma rule Detect Logstash Path Traversal Archive Extraction to detect potential exploitation attempts by monitoring for suspicious file creation events.
Monitor file creation events for files created outside of the intended Logstash directories using the Detect Logstash Out-of-Directory File Creation Sigma rule.

Emmett Web Framework Path Traversal Vulnerability (CVE-2026-39847)

hello@craftedsignal.io — Tue, 07 Apr 2026 22:16:23 +0000

The Emmett web framework, a full-stack Python framework, is susceptible to a path traversal vulnerability affecting versions 2.5.0 to prior to 2.8.1. Specifically, the RSGI static handler for Emmett’s internal assets (/emmett paths) does not properly sanitize user-supplied input, leading to CVE-2026-39847. By crafting malicious URLs containing “../” sequences, an unauthenticated attacker can bypass directory restrictions and access sensitive files residing outside the designated assets directory. Successful exploitation allows attackers to potentially read application source code, configuration files, or other sensitive data. Emmett users are urged to upgrade to version 2.8.1 or later to remediate this vulnerability. The vulnerability was reported on April 7th, 2026.

Attack Chain

The attacker identifies a vulnerable Emmett web application running a version between 2.5.0 and 2.8.1.
The attacker crafts a malicious HTTP GET request targeting a static asset under the /__emmett__ path.
The crafted URL includes “../” sequences to traverse up the directory structure from the intended assets directory. For example: /__emmett__/../../../../etc/passwd.
The web server receives the request and passes it to the vulnerable RSGI static handler.
Due to the lack of input sanitization, the handler processes the “../” sequences, allowing the attacker to navigate outside the assets directory.
The handler attempts to read the file specified in the manipulated path (e.g., /etc/passwd).
The server returns the contents of the requested file in the HTTP response.
The attacker obtains sensitive information from the server, potentially including configuration files, source code, or credentials.

Impact

Successful exploitation of this path traversal vulnerability (CVE-2026-39847) allows an attacker to read arbitrary files on the server hosting the Emmett web application. This can lead to the exposure of sensitive information such as application source code, configuration files containing database credentials, or even system files. The impact can range from information disclosure to complete compromise of the web application and potentially the underlying server. The severity is rated as critical with a CVSS v3.1 score of 9.1.

Recommendation

Upgrade Emmett to version 2.8.1 or later to patch CVE-2026-39847.
Deploy the Sigma rule “Detect Emmett Path Traversal Attempts” to your SIEM to identify exploitation attempts.
Monitor web server logs for suspicious URLs containing “../” sequences targeting the /__emmett__ path to identify potential exploit attempts.
Implement web application firewall (WAF) rules to block requests containing path traversal sequences.

ChurchCRM Path Traversal Vulnerability Leading to Remote Code Execution

hello@craftedsignal.io — Tue, 07 Apr 2026 18:16:41 +0000

ChurchCRM, an open-source church management system, is vulnerable to a path traversal attack affecting versions prior to 6.5.3. This vulnerability resides in the backup restore functionality, specifically within src/ChurchCRM/Backup/RestoreJob.php. Authenticated administrators can exploit this flaw by manipulating the $rawUploadedFile['name'] parameter, which lacks proper sanitization. This allows for the upload of arbitrary files with attacker-controlled names to the /var/www/html/tmp_attach/ChurchCRMBackups/ directory. Successful exploitation leads to remote code execution via overwriting Apache’s .htaccess configuration files, effectively compromising the web server. Organizations using vulnerable versions of ChurchCRM are at risk of unauthorized access and control of their systems.

Attack Chain

An authenticated administrator logs into the ChurchCRM application.
The administrator navigates to the backup restore functionality.
The attacker crafts a malicious backup archive containing a crafted .htaccess file.
The attacker uploads the malicious backup archive via the restore functionality, exploiting the path traversal vulnerability in src/ChurchCRM/Backup/RestoreJob.php. The $rawUploadedFile['name'] parameter is manipulated to control the file’s destination.
The malicious .htaccess file is written to the web server’s document root or a sensitive directory, such as /var/www/html/.
The overwritten .htaccess file modifies the Apache web server’s configuration, potentially enabling PHP execution for arbitrary file types or redirecting requests to attacker-controlled scripts.
The attacker accesses a file (e.g., an image or text file) which is now parsed as PHP code due to the malicious .htaccess configuration.
The attacker executes arbitrary code on the server, gaining remote code execution.

Impact

Successful exploitation of this vulnerability allows attackers to gain complete control of the ChurchCRM web server. This can lead to data breaches, defacement of the website, and the potential to use the compromised server as a launchpad for further attacks within the network. Given the sensitive nature of data often stored in ChurchCRM systems (e.g., personal contact information, financial records), the compromise can have severe consequences for both the organization and its members. While the exact number of vulnerable installations is unknown, the widespread use of ChurchCRM makes this a significant threat.

Recommendation

Upgrade ChurchCRM to version 6.5.3 or later to patch the vulnerability described in CVE-2026-35573.
Implement strict file upload validation and sanitization to prevent path traversal vulnerabilities in other web applications.
Monitor web server logs for suspicious file uploads to /var/www/html/tmp_attach/ChurchCRMBackups/ directory, looking for unexpected file extensions using the “ChurchCRM Suspicious File Upload” Sigma rule.
Implement the “ChurchCRM .htaccess File Creation” Sigma rule to detect the creation of .htaccess files in web directories.

text-generation-webui Path Traversal Vulnerability (CVE-2026-35050)

hello@craftedsignal.io — Mon, 06 Apr 2026 18:16:42 +0000

The text-generation-webui application, an open-source web interface for running Large Language Models, contains a path traversal vulnerability (CVE-2026-35050) in versions prior to 4.1.1. A high-privileged user can exploit this vulnerability by saving extension settings in “.py” format within the application’s root directory. This allows them to overwrite existing Python files, most notably “download-model.py”. Subsequently, the overwritten “download-model.py” file can be executed by initiating a new model download through the application’s “Model” menu. Successful exploitation leads to arbitrary code execution within the context of the application. This vulnerability was patched in version 4.1.1.

Attack Chain

Attacker authenticates to the text-generation-webui application with high privileges.
Attacker crafts a malicious Python script (e.g., containing reverse shell code).
Attacker saves the malicious script as an extension setting in “.py” format, leveraging path traversal to target the application’s root directory. The filename is chosen to overwrite “download-model.py”.
The application saves the malicious “.py” file, overwriting the original “download-model.py” in the application root.
Attacker navigates to the “Model” menu within the text-generation-webui.
Attacker initiates the download of a new model, triggering the execution of the (now compromised) “download-model.py” file.
The malicious Python code within “download-model.py” executes, granting the attacker arbitrary code execution on the server.
The attacker establishes a reverse shell connection to their controlled system, achieving full system compromise.

Impact

Successful exploitation of CVE-2026-35050 allows a high-privileged attacker to achieve arbitrary code execution on the server hosting the text-generation-webui application. This could lead to complete system compromise, data exfiltration, and denial of service. The impact is critical due to the ease of exploitation and the potential for significant damage. Organizations using vulnerable versions of text-generation-webui are at risk of having their systems compromised.

Recommendation

Immediately upgrade text-generation-webui to version 4.1.1 or later to patch CVE-2026-35050.
Implement strict file permission controls to prevent unauthorized modification of critical application files, mitigating similar path traversal vulnerabilities.
Monitor web server logs for unusual file creation events in the application root directory to detect potential exploitation attempts (see example Sigma rule below targeting file creation in the webserver category).
Inspect network connections originating from the text-generation-webui server for suspicious outbound connections, which could indicate a reverse shell or other malicious activity resulting from code execution. Deploy the provided Sigma rule to detect such connections.

prompts.chat Path Traversal Vulnerability (CVE-2026-22661)

hello@craftedsignal.io — Sat, 04 Apr 2026 12:00:00 +0000

prompts.chat, a software application, is vulnerable to a path traversal attack (CVE-2026-22661) in versions prior to commit 0f8d4c3. This vulnerability stems from insufficient server-side validation of filenames within skill file archives. A remote attacker can exploit this by crafting malicious ZIP archives that contain filenames with path traversal sequences (e.g., ../). When a vulnerable prompts.chat instance extracts these archives, the lack of proper sanitization allows the attacker to write files to arbitrary locations on the file system, potentially overwriting critical system files and achieving arbitrary code execution. This poses a significant risk to system integrity and confidentiality.

Attack Chain

The attacker crafts a malicious ZIP archive containing a specially crafted skill file.
The filenames within the ZIP archive include path traversal sequences such as ../.
The attacker uploads the malicious ZIP archive to the prompts.chat application.
prompts.chat processes the uploaded ZIP archive without properly sanitizing the filenames.
The application extracts the contents of the ZIP archive, writing files to locations specified in the malicious filenames.
Path traversal sequences in the filenames allow the attacker to write files outside the intended extraction directory.
The attacker overwrites shell initialization files (e.g., .bashrc, .profile, .bash_profile) or other executable files.
When a user logs in or a new shell is spawned, the overwritten initialization file executes malicious code, granting the attacker arbitrary code execution on the system.

Impact

Successful exploitation of CVE-2026-22661 allows an attacker to write arbitrary files to the client system, leading to potential overwrite of sensitive system files and arbitrary code execution. The vulnerability affects systems running vulnerable versions of prompts.chat. The impact includes complete compromise of the system, data theft, and further propagation of malicious activities.

Recommendation

Apply the patch by upgrading to commit 0f8d4c3 or later to remediate CVE-2026-22661.
Implement server-side filename validation and sanitization to prevent path traversal attacks when handling ZIP archives within prompts.chat.
Deploy the Sigma rules provided in this brief to your SIEM to detect potential exploitation attempts.
Monitor web server logs for suspicious requests containing path traversal sequences in filenames as identified by the provided rules.

goshs Unauthenticated Arbitrary File Deletion via Path Traversal

hello@craftedsignal.io — Sat, 04 Apr 2026 12:00:00 +0000

The goshs application, a simple static file server written in Go, is vulnerable to a path traversal vulnerability (CVE-2026-35471). This flaw exists within the deleteFile function (httpserver/handler.go) due to a missing return statement after a check for path traversal attempts using ... Specifically, if a request contains double-encoded path traversal sequences (e.g., %252e%252e), the check fails to prevent subsequent file deletion. This vulnerability, present in versions prior to 1.1.5-0.20260401172448-237f3af891a9, allows an unauthenticated attacker to delete arbitrary files and directories on the server. The vulnerability affects default configurations of goshs, requiring no authentication or specific flags to be set.

Attack Chain

The attacker identifies a goshs instance running a vulnerable version (prior to 1.1.5-0.20260401172448-237f3af891a9).
The attacker crafts a GET request to a file path containing double-encoded path traversal sequences (%252e%252e) to bypass the path traversal check in deleteFile().
The GET request includes the ?delete parameter to trigger the file deletion logic.
The deleteFile() function receives the request and decodes the path, but the missing return after the path traversal check allows the execution to continue.
The os.RemoveAll() function is called with the manipulated path, leading to the deletion of arbitrary files or directories outside the intended webroot.
The server responds with HTTP status code 200, even if the file deletion was successful or resulted in an error.
The attacker verifies the deletion of the targeted file/directory.

Impact

Successful exploitation of this path traversal vulnerability allows an unauthenticated attacker to delete any file or directory accessible to the goshs process. This could lead to data loss, system instability, or complete compromise of the server if critical system files are deleted. While the exact number of vulnerable instances is unknown, any organization using goshs versions prior to 1.1.5-0.20260401172448-237f3af891a9 is at risk.

Recommendation

Upgrade to goshs version 1.1.5-0.20260401172448-237f3af891a9 or later to patch CVE-2026-35471.
Deploy the Sigma rule “Detect goshs Path Traversal Attempt via URL Encoding” to identify ongoing exploitation attempts based on double-encoded path traversal sequences in HTTP requests.
Monitor web server logs for GET requests containing double-encoded “..” sequences and the “?delete” parameter, indicative of exploitation attempts.

Coder Code-Marketplace Zip Slip Vulnerability

hello@craftedsignal.io — Sat, 04 Apr 2026 06:29:50 +0000

A Zip Slip vulnerability (CVE-2026-35454) exists in the Coder code-marketplace application, specifically in versions up to 2.4.1. The vulnerability stems from improper sanitization of zip entry names during VSIX file extraction, which allows an attacker to write files to arbitrary locations on the server. This flaw, discovered by Kandlaguduru Vamsi and detailed in GHSA-8x9r-hvwg-c55h, can be exploited by any authenticated user with upload privileges. Successful exploitation could lead to persistence via cron/init injection, SSH key injection, ld.so.preload hijacking, or binary overwrite. The vulnerability was patched in version 2.4.2. Defenders should upgrade to the latest version of the code-marketplace application to prevent potential exploitation.

Attack Chain

An authenticated user with upload privileges logs into the code-marketplace application.
The attacker crafts a malicious VSIX file containing zip entries with path traversal sequences (e.g., “../../../etc/cron.d/evil”).
The attacker uploads the malicious VSIX file through the application’s extension upload functionality.
The ExtractZip function processes the uploaded VSIX file without proper sanitization of zip entry names.
The filepath.Join function constructs the output path using the unsanitized zip entry name and a base directory.
Path traversal sequences like .. are resolved by filepath.Clean, but the resulting path is not checked against the intended base directory, allowing it to escape.
The application writes the extracted file to an attacker-controlled location on the server’s file system.
The attacker achieves persistence, privilege escalation, or arbitrary code execution by overwriting critical system files or injecting malicious code into system configurations like cron jobs or SSH authorized keys.

Impact

Successful exploitation of this Zip Slip vulnerability allows attackers to write arbitrary files to the underlying system. An attacker can achieve persistence by injecting malicious cron jobs or modifying system initialization scripts. Privilege escalation is possible via SSH key injection or by overwriting binaries with malicious versions. The impact ranges from system compromise to data exfiltration and denial of service. While the number of victims is unknown, any organization using vulnerable versions of the Coder code-marketplace application is at risk.

Recommendation

Upgrade the coder/code-marketplace application to version 2.4.2 or later to remediate CVE-2026-35454.
Implement file integrity monitoring on critical system directories (e.g., /etc/cron.d, /root/.ssh) using a file_event log source to detect unauthorized file modifications.
Deploy the Sigma rule “Detect Suspicious File Creation in Sensitive Directories” to detect potential exploitation attempts based on file creation events.
Enable webserver logging and deploy the provided Sigma rule “Detect VSIX Uploads with Path Traversal” to identify suspicious VSIX uploads containing path traversal sequences based on request parameters.

Emlog Path Traversal Vulnerability Leads to Remote Code Execution

hello@craftedsignal.io — Fri, 03 Apr 2026 23:17:04 +0000

Emlog, an open-source website building system, is vulnerable to a critical path traversal vulnerability (CVE-2026-34607) affecting versions 2.6.2 and earlier. This flaw resides within the emUnZip() function located in include/lib/common.php:793. The vulnerability stems from the function’s failure to sanitize ZIP entry names during extraction of ZIP archives, such as those used for plugin/template uploads or backup imports. An authenticated administrator can exploit this by uploading a specially crafted ZIP file containing entries with “../” sequences. This allows the attacker to write arbitrary files to the server’s file system, potentially including PHP webshells, ultimately leading to Remote Code Execution (RCE). At the time of this writing, there are no publicly available patches to address this vulnerability.

Attack Chain

The attacker authenticates as an administrator in the Emlog application.
The attacker crafts a malicious ZIP archive containing a file with a path traversal sequence (e.g., ../../../../shell.php).
The attacker uploads the crafted ZIP archive via a plugin/template upload or backup import feature.
The emUnZip() function is invoked, which extracts the contents of the ZIP archive.
Due to the lack of sanitization, the extractTo() function writes the malicious file to an arbitrary location on the server’s filesystem, as dictated by the path traversal sequence.
The attacker uploads a PHP webshell to a publicly accessible directory.
The attacker accesses the uploaded PHP webshell through a web browser (e.g., http://example.com/shell.php).
The attacker executes arbitrary commands on the server via the webshell, achieving Remote Code Execution (RCE).

Impact

Successful exploitation of this vulnerability allows an attacker to gain complete control over the affected Emlog server. This can lead to data breaches, website defacement, malware distribution, or further attacks against other systems on the network. Given that Emlog is used by numerous websites, the potential impact could be widespread, affecting potentially hundreds or thousands of websites.

Recommendation

Apply any available patches or updates for Emlog as soon as they are released to address CVE-2026-34607.
Implement input validation and sanitization measures within the emUnZip() function to prevent path traversal attacks. Specifically, sanitize ZIP entry names before passing them to the extractTo() function.
Monitor web server logs for suspicious requests to PHP files in unusual directories (e.g., outside the webroot) after ZIP archive uploads, using the provided Sigma rule for webserver logs.
Implement the provided Sigma rule to detect process creation from web server processes to identify potential webshell execution.

Budibase Path Traversal Vulnerability in Plugin Upload

hello@craftedsignal.io — Fri, 03 Apr 2026 16:16:41 +0000

Budibase, an open-source low-code platform, is vulnerable to a path traversal attack in versions prior to 3.33.4. This flaw resides in the plugin file upload endpoint (POST /api/plugin/upload), where the user-supplied filename is passed unsanitized to createTempFolder(). An attacker with Global Builder privileges can exploit this by crafting a multipart upload containing “../” sequences in the filename. This allows them to manipulate file paths, leading to arbitrary directory deletion via rmSync and arbitrary file write via tarball extraction. The attacker can write files to any filesystem path accessible by the Node.js process running Budibase. This vulnerability has been patched in version 3.33.4, and organizations using older versions are at risk.

Attack Chain

The attacker gains Global Builder privileges within a vulnerable Budibase instance (version < 3.33.4).
The attacker crafts a multipart upload request targeting the /api/plugin/upload endpoint (POST request).
Within the multipart form data, the attacker includes a filename parameter.
The filename parameter contains path traversal sequences such as “../” to manipulate the file path.
The Budibase application passes the unsanitized filename to the createTempFolder() function.
The manipulated path is then used in subsequent file system operations, such as rmSync (for deleting directories) and tarball extraction.
The attacker leverages rmSync with the manipulated path to delete arbitrary directories on the server.
Alternatively, the attacker leverages tarball extraction to write arbitrary files to arbitrary locations on the server, leading to potential code execution or data compromise.

Impact

Successful exploitation of this vulnerability allows an attacker with Global Builder privileges to perform arbitrary file system operations on the Budibase server. This includes the ability to delete arbitrary directories, potentially causing denial of service, and write arbitrary files, potentially leading to remote code execution. The impact is significant as it could allow for complete system compromise if the attacker can overwrite critical system files or deploy malicious code. This is especially dangerous for organizations relying on Budibase for critical business applications.

Recommendation

Immediately upgrade Budibase to version 3.33.4 or later to patch the CVE-2026-35214 vulnerability.
Monitor web server logs for POST requests to the /api/plugin/upload endpoint containing filenames with “../” sequences using the Sigma rule provided.
Implement strict access control policies to limit the number of users with Global Builder privileges within Budibase.

Perfmatters WordPress Plugin Arbitrary File Deletion Vulnerability (CVE-2026-4350)

hello@craftedsignal.io — Fri, 03 Apr 2026 08:16:17 +0000

The Perfmatters plugin, a popular WordPress performance optimization tool, contains a critical vulnerability (CVE-2026-4350) affecting versions up to and including 2.5.9.1. This flaw enables authenticated attackers with Subscriber-level access, the lowest privilege level in WordPress, to delete arbitrary files on the server. The vulnerability stems from the PMCS::action_handler() method’s failure to sanitize the $_GET['delete'] parameter. This lack of validation allows for path traversal attacks using sequences like ../, enabling attackers to navigate outside the intended storage directory and delete any accessible file. Successful exploitation can lead to the deletion of critical files such as wp-config.php, effectively disabling the website and potentially allowing a full site takeover.

Attack Chain

Attacker identifies a WordPress site using a vulnerable version (<=2.5.9.1) of the Perfmatters plugin.
Attacker gains Subscriber-level access to the WordPress site. This can be achieved through registration or compromised credentials.
Attacker crafts a malicious HTTP GET request targeting the WordPress site. The request includes the delete parameter with a path traversal payload. For example: ?delete=../../../../wp-config.php.
The request is sent to the PMCS::action_handler() method within the Perfmatters plugin.
The PMCS::action_handler() method processes the unsanitized $_GET['delete'] parameter.
The plugin concatenates the malicious path with the storage directory.
The unlink() function executes, deleting the file specified by the attacker’s path traversal payload.
If the attacker successfully deletes wp-config.php, the WordPress site becomes inaccessible and redirects to the installation wizard, potentially allowing for complete site takeover.

Impact

Successful exploitation of CVE-2026-4350 allows attackers to delete arbitrary files on a vulnerable WordPress server. A key target is wp-config.php, which contains sensitive database credentials. Deleting this file forces WordPress into the installation wizard, potentially leading to a full site takeover. The impact ranges from defacement and data loss to complete control of the website, impacting businesses, organizations, and individuals relying on WordPress for their online presence. The ease of exploitation due to the low privilege requirements makes this a high-risk vulnerability.

Recommendation

Immediately update the Perfmatters plugin to the latest version to patch CVE-2026-4350.
Implement the provided Sigma rule Detect Perfmatters Arbitrary File Deletion Attempt to identify potential exploitation attempts based on cs-uri-query in web server logs.
Consider implementing rate limiting on requests to wp-admin/options.php to mitigate potential brute-force exploitation attempts targeting this vulnerability.
Review web server access logs for unusual patterns in cs-uri-query parameters containing ../ sequences, as these may indicate path traversal attempts.

Endian Firewall Arbitrary File Deletion via Path Traversal (CVE-2026-34790)

hello@craftedsignal.io — Thu, 02 Apr 2026 15:16:42 +0000

Endian Firewall, a security-focused Linux distribution designed for gateway security, is vulnerable to a path traversal attack. Specifically, versions 3.3.25 and earlier are affected by CVE-2026-34790. An authenticated user, with low-level privileges, can exploit this vulnerability to delete arbitrary files on the system. The flaw resides in the /cgi-bin/backup.cgi script where the remove ARCHIVE parameter is not properly sanitized. This allows an attacker to inject directory traversal sequences (e.g., ../) into the file path, bypassing intended restrictions. This can lead to deletion of sensitive files, potentially disrupting system operations or facilitating further malicious activities. The vulnerability was reported in April 2026.

Attack Chain

An attacker authenticates to the Endian Firewall web interface.
The attacker crafts a malicious HTTP request targeting /cgi-bin/backup.cgi.
The request includes the remove ARCHIVE parameter with a payload containing directory traversal sequences (e.g., ../../../../etc/shadow).
The /cgi-bin/backup.cgi script receives the request and constructs a file path using the unsanitized remove ARCHIVE parameter.
The script calls the unlink() function with the attacker-controlled file path.
The unlink() function deletes the file specified by the manipulated path.
The attacker repeats this process to delete other critical system files.
This can lead to a denial-of-service condition, data loss, or the potential for further system compromise.

Impact

Successful exploitation of this vulnerability allows an attacker to delete arbitrary files on the Endian Firewall system. This can result in a denial-of-service (DoS) condition if critical system files are removed. An attacker may target configuration files, logs, or even binaries, leading to system instability or the disabling of security features. The number of potential victims is dependent on the number of Endian Firewall deployments running vulnerable versions (3.3.25 and prior). Given that Endian Firewall is often used in small to medium-sized businesses, the impact could range from disruption of network services to potential data breaches, depending on the specific files targeted.

Recommendation

Apply available patches or upgrade to a version of Endian Firewall that addresses CVE-2026-34790 to remediate the vulnerability.
Monitor web server logs for requests to /cgi-bin/backup.cgi containing directory traversal sequences (e.g., ../, ..\\) in the remove ARCHIVE parameter using the provided Sigma rule “Detect Endian Firewall Path Traversal Attempt”.
Implement input validation and sanitization on all user-supplied input, especially within CGI scripts like /cgi-bin/backup.cgi, to prevent path traversal attacks.
Restrict access to the Endian Firewall web interface to trusted networks or users and enforce strong authentication measures.
Regularly back up the Endian Firewall configuration and critical system files to mitigate the impact of potential data loss due to successful exploitation.

SillyTavern Path Traversal Vulnerability in Chat Endpoints

hello@craftedsignal.io — Thu, 02 Apr 2026 12:00:00 +0000

SillyTavern, a local web UI for large language models, is vulnerable to a path traversal attack. This vulnerability, affecting versions 1.16.0 and earlier, stems from insufficient input validation in the avatar_url parameter of the /api/chats/export and /api/chats/delete endpoints. An authenticated attacker can exploit this flaw to read or delete arbitrary files within the user’s data directory. The vulnerability exists because the application fails to adequately sanitize path traversal sequences like .. when constructing file paths. This can lead to the exposure of sensitive information such as secrets.json and settings.json, or the deletion of crucial user data, particularly in multi-user or remotely-accessible deployments. The vulnerability was patched in version 1.17.0 and assigned CVE-2026-34524.

Attack Chain

The attacker authenticates to the SillyTavern application using valid credentials, obtaining a session cookie and CSRF token.
The attacker crafts a malicious HTTP request targeting the /api/chats/export or /api/chats/delete endpoint.
The attacker sets the avatar_url parameter in the request body to a path traversal sequence, such as .., to navigate outside the intended “chats” directory.
In the /api/chats/export endpoint, the attacker specifies the file parameter to point to the desired file to read, such as secrets.json.
The server-side application uses path.join to concatenate the user’s chats directory with the attacker-controlled avatar_url and file parameters, resulting in path traversal.
The application reads the contents of the file specified by the attacker.
In the /api/chats/delete endpoint, the attacker specifies the chatfile parameter to point to the desired file to delete, such as settings.json.
The application deletes the file specified by the attacker.

Impact

Successful exploitation of this vulnerability can have significant consequences. Attackers can gain unauthorized access to sensitive configuration files like secrets.json, potentially exposing API keys, passwords, and other confidential information. Furthermore, the ability to delete arbitrary files allows attackers to disrupt the application’s functionality or even render a user’s account unusable by deleting critical files such as settings.json. The risk is amplified in multi-user environments or remotely-accessible deployments, where the impact can extend to multiple users.

Recommendation

Upgrade to SillyTavern version 1.17.0 or later to patch CVE-2026-34524.
Deploy the Sigma rule “Detect SillyTavern Path Traversal Attempt via API Export” to detect attempts to exploit the /api/chats/export endpoint by monitoring for path traversal sequences in the cs-uri-query field.
Deploy the Sigma rule “Detect SillyTavern Path Traversal Attempt via API Delete” to detect attempts to exploit the /api/chats/delete endpoint by monitoring for path traversal sequences in the cs-uri-query field.
Review web server access logs for unusual requests to /api/chats/export or /api/chats/delete with suspicious avatar_url parameters.

Tina CMS Path Traversal Vulnerability (CVE-2026-34603)

hello@craftedsignal.io — Wed, 01 Apr 2026 17:28:41 +0000

Tina CMS, a headless content management system, is susceptible to a path traversal vulnerability in versions prior to 2.2.2. The vulnerability, identified as CVE-2026-34603, stems from insufficient validation of symlink and junction targets within the @tinacms/cli media routes. Although lexical path-traversal checks were implemented, they only validate the path string without resolving symlinks or junctions. This flaw enables attackers to bypass intended security measures and perform unauthorized file system operations, potentially leading to sensitive data exposure or system compromise. This vulnerability has been addressed in version 2.2.2. Defenders should prioritize upgrading to the patched version to mitigate the risk.

Attack Chain

Attacker identifies a Tina CMS instance running a version prior to 2.2.2.
Attacker crafts a malicious HTTP request targeting a media route.
The crafted request includes a path containing a symlink or junction pointing outside the intended media root directory (e.g., pivot/written-from-media.txt).
Tina CMS validates the path string but fails to resolve the symlink or junction.
The application incorrectly determines that the path is within the allowed media directory.
The application performs file system operations (listing, writing, or deleting) based on the attacker-supplied path.
The file system operation is executed outside the intended media root due to the resolved symlink or junction.
Attacker gains unauthorized access to sensitive files or directories, potentially leading to data exfiltration, modification, or deletion.

Impact

Successful exploitation of CVE-2026-34603 can lead to unauthorized access to sensitive files and directories on the server hosting Tina CMS. An attacker could list, read, write, or delete files outside the intended media root, potentially leading to data exfiltration, website defacement, or even complete system compromise. The impact is particularly significant if the affected server stores sensitive information or is critical to business operations. The number of potential victims is currently unknown, but any organization using vulnerable versions of Tina CMS is at risk.

Recommendation

Upgrade Tina CMS to version 2.2.2 or later to patch CVE-2026-34603.
Implement web application firewall (WAF) rules to detect and block suspicious requests containing path traversal sequences targeting media routes.
Monitor web server access logs for unusual file access patterns and path traversal attempts. Deploy the provided Sigma rule to detect potential exploitation attempts.

Sanster IOPaint Path Traversal Vulnerability (CVE-2026-5258)

hello@craftedsignal.io — Wed, 01 Apr 2026 07:16:02 +0000

Sanster IOPaint version 1.5.3 is vulnerable to a path traversal flaw (CVE-2026-5258) within its File Manager component. The vulnerability resides in the _get_file function located in iopaint/file_manager/file_manager.py. By crafting a malicious request and manipulating the filename argument, an unauthenticated attacker can bypass directory restrictions and potentially read sensitive files on the server. Publicly available exploits exist, increasing the urgency for patching or mitigating this vulnerability. The vendor was notified but did not respond.

Attack Chain

An attacker identifies a Sanster IOPaint 1.5.3 instance running a vulnerable server.
The attacker crafts a malicious HTTP request targeting the file retrieval endpoint of the File Manager component.
Within the request, the attacker manipulates the filename parameter to include path traversal sequences (e.g., ../, ..%2f).
The server-side application, specifically the _get_file function in iopaint/file_manager/file_manager.py, receives the request with the tainted filename.
Due to insufficient input validation and sanitization, the application incorrectly constructs the file path.
The application attempts to read a file from a location outside the intended directory, based on the attacker-controlled path.
If successful, the application returns the contents of the arbitrary file in the HTTP response.
The attacker receives the content of the targeted file, potentially containing sensitive information or configuration data.

Impact

Successful exploitation of this path traversal vulnerability (CVE-2026-5258) allows an attacker to read arbitrary files on the server hosting Sanster IOPaint. This can lead to the disclosure of sensitive information, such as application source code, configuration files containing database credentials, or user data. The impact depends on the permissions of the user account running the application. If the application runs with elevated privileges, the attacker may be able to access system-level files, potentially leading to further compromise of the server.

Recommendation

Deploy the Sigma rule Detect IOPaint Path Traversal Attempt to detect exploitation attempts based on suspicious URL encoding in web server logs.
Implement strict input validation and sanitization on the filename parameter within the _get_file function to prevent path traversal attacks as described in CVE-2026-5258.
Consider using a web application firewall (WAF) with rules designed to block path traversal attempts.
Upgrade to a patched version of Sanster IOPaint as soon as one becomes available to remediate CVE-2026-5258.

DELMIA Factory Resource Manager Path Traversal Vulnerability (CVE-2025-10559)

hello@craftedsignal.io — Tue, 31 Mar 2026 09:16:21 +0000

CVE-2025-10559 is a critical path traversal vulnerability found in the DELMIA Factory Resource Manager, impacting versions from 3DEXPERIENCE R2023x to R2025x. This vulnerability allows an attacker with low-level privileges (authenticated user) to manipulate file paths and potentially read or write arbitrary files within specific directories on the server. This can be exploited to read sensitive configuration files, overwrite critical system files, or potentially achieve remote code execution…

SciTokens Library Path Traversal Vulnerability (CVE-2026-32727)

hello@craftedsignal.io — Tue, 31 Mar 2026 03:15:57 +0000

The SciTokens library, a reference implementation for generating and using SciTokens, is susceptible to a path traversal vulnerability affecting versions prior to 1.9.7. This vulnerability, identified as CVE-2026-32727, stems from the library’s Enforcer component. An attacker can exploit this flaw by crafting a malicious token containing a scope claim with “dot-dot” (..) sequences. These sequences allow the attacker to navigate outside the intended directory restriction, potentially accessing…

TinaCMS GraphQL Path Traversal Vulnerability

hello@craftedsignal.io — Mon, 30 Mar 2026 17:11:02 +0000

A path traversal vulnerability has been identified in versions 2.2.1 and earlier of @tinacms/graphql, a GraphQL API for TinaCMS. This flaw enables unauthenticated attackers to write and overwrite arbitrary files within the project root directory. The vulnerability stems from insufficient validation of the relativePath parameter within GraphQL mutations. By exploiting this weakness, attackers can overwrite critical server configuration files like package.json and tsconfig.json, inject malicious scripts into the public/ directory, and even achieve arbitrary code execution by modifying build scripts or server-side logic files. This vulnerability poses a significant risk to systems utilizing vulnerable versions of @tinacms/graphql.

Attack Chain

An attacker identifies a TinaCMS instance running a vulnerable version of @tinacms/graphql (<= 2.2.1).
The attacker crafts a malicious GraphQL mutation request targeting the updateDocument mutation.
Within the mutation, the attacker manipulates the relativePath parameter to include a path traversal sequence, such as x\\\\..\\\\..\\\\..\\\\package.json. The backslashes are misinterpreted on non-Windows systems.
The vulnerable getValidatedPath function fails to properly sanitize the malicious path due to the backslash bypass on non-Windows platforms.
The request is processed, and the server attempts to write to the attacker-specified file path.
The file system API resolves the path traversal sequence, leading to a write operation outside the intended directory.
The attacker overwrites a critical file, such as package.json, with malicious content.
The server or build process executes the modified file, resulting in arbitrary code execution or other malicious behavior.

Impact

Successful exploitation of this vulnerability allows unauthenticated attackers to perform arbitrary file writes, leading to several critical consequences. Attackers can overwrite server configuration files, inject malicious scripts for client-side attacks, and achieve arbitrary code execution by modifying build scripts or server-side logic. The impact ranges from denial of service to complete system compromise. While the exact number of affected systems is unknown, all TinaCMS instances running @tinacms/graphql version 2.2.1 or earlier are susceptible.

Recommendation

Upgrade @tinacms/graphql to a patched version (later than 2.2.1) to remediate CVE-2026-33949.
Deploy the Sigma rule Detect TinaCMS GraphQL Path Traversal Attempt to identify attempted exploitation of the vulnerability.
Monitor web server logs for POST requests to the /graphql endpoint containing suspicious relativePath parameters.
Implement strict input validation and sanitization for file paths within GraphQL mutations, regardless of the underlying operating system.

CVE-2026-2328 Unauthenticated Path Traversal Vulnerability

hello@craftedsignal.io — Mon, 30 Mar 2026 08:16:17 +0000

CVE-2026-2328 is a critical vulnerability that allows an unauthenticated remote attacker to perform path traversal attacks due to insufficient input validation. This flaw enables unauthorized access to backend components, potentially exposing sensitive information. The vulnerability was published on March 30, 2026, and assigned a CVSS v3.1 score of 7.5. The vulnerability stems from inadequate input sanitization, permitting attackers to manipulate file paths and access restricted areas of the…

LangChain Core Path Traversal Vulnerability in Legacy APIs

hello@craftedsignal.io — Sat, 28 Mar 2026 10:00:00 +0000

Multiple path traversal vulnerabilities have been identified within the langchain-core package, specifically affecting the legacy load_prompt, load_prompt_from_config, and .save() methods. These vulnerabilities stem from a lack of validation on file paths embedded within deserialized configuration dictionaries. An attacker who can influence or control the prompt configuration supplied to these functions can exploit this flaw to read arbitrary files on the host filesystem. The scope is constrained by file extension checks, limiting readable files to .txt for templates and .json or .yaml for examples. This issue impacts applications that accept prompt configurations from untrusted sources, such as low-code AI builders and API wrappers exposing load_prompt_from_config(). The vulnerable code resides within langchain_core/prompts/loading.py in the _load_template(), _load_examples(), and _load_few_shot_prompt() functions. This vulnerability is resolved in langchain-core version 1.2.22, and the affected functions are now deprecated.

Attack Chain

Attacker identifies an application using the vulnerable langchain-core library and the legacy load_prompt_from_config() function.
Attacker crafts a malicious prompt configuration dictionary containing a template_path, suffix_path, prefix_path, examples, or example_prompt_path key with a path traversal sequence (e.g., ../../etc/passwd) or an absolute path (e.g., /etc/passwd).
The attacker injects the malicious configuration into the application, potentially via a low-code AI builder or an API endpoint that accepts prompt configurations.
The application deserializes the malicious configuration dictionary and passes it to load_prompt_from_config().
load_prompt_from_config() calls the relevant vulnerable function (_load_template(), _load_examples(), or _load_few_shot_prompt()) based on the configuration.
The vulnerable function reads the file specified in the malicious path without proper validation.
The contents of the file are then incorporated into a prompt object.
The application, believing the prompt is benign, processes it further, potentially disclosing the file contents to the attacker via an error message, logging, or other output channels.

Impact

Successful exploitation allows an attacker to read arbitrary files on the system, potentially exposing sensitive information. This includes cloud-mounted secrets (e.g., /mnt/secrets/api_key.txt), configuration files (e.g., requirements.txt), cloud credentials (e.g., ~/.docker/config.json), Kubernetes manifests, CI/CD configurations, and application settings. The impact is especially severe in applications that handle sensitive data or operate in cloud environments. While no victim numbers are available, any application using the vulnerable langchain-core versions is at risk.

Recommendation

Upgrade langchain-core to version 1.2.22 or later to patch CVE-2026-34070.
Migrate away from the deprecated load_prompt, load_prompt_from_config, and .save() methods in favor of the dumpd/dumps/load/loads serialization APIs in langchain_core.load.
If you cannot immediately upgrade, sanitize user-supplied prompt configurations to prevent path traversal by rejecting absolute paths and paths containing .. sequences.
Deploy the Sigma rule “LangChain Path Traversal Attempt” to detect attempts to exploit this vulnerability by monitoring process creations involving python and path traversal sequences in command line arguments.

@mobilenext/mobile-mcp Path Traversal Vulnerability

hello@craftedsignal.io — Fri, 27 Mar 2026 19:13:17 +0000

The @mobilenext/mobile-mcp npm package, versions prior to 0.0.49, contains a critical path traversal vulnerability. This flaw stems from the mobile_save_screenshot and mobile_start_screen_recording tools which improperly handle user-supplied paths. Specifically, the saveTo parameter in mobile_save_screenshot and the output parameter in mobile_start_screen_recording are passed directly to filesystem write operations without adequate validation. This oversight enables a malicious actor to write arbitrary files to locations outside of the intended workspace. A successful exploit of this vulnerability allows for the potential overwriting of sensitive system files, enabling privilege escalation and persistence on the host system.

Attack Chain

An attacker gains control over the saveTo or output parameter of the vulnerable functions. This could be achieved through a malicious application, supply chain attack, or other means of code injection.
The attacker crafts a path containing traversal sequences (e.g., ../) designed to navigate outside of the intended save directory.
The attacker calls the mobile_save_screenshot or mobile_start_screen_recording tool with the manipulated path as the saveTo or output parameter, respectively.
The vulnerable function passes the attacker-controlled path to fs.writeFileSync() without validation.
fs.writeFileSync() writes the screenshot or screen recording data to the attacker-specified path.
If the path leads to a sensitive system file (e.g., ~/.bashrc, ~/.ssh/authorized_keys), it is overwritten with the contents of the screenshot or screen recording.
The attacker can overwrite configuration files or executables in order to achieve code execution.
The attacker achieves persistence and/or elevated privileges on the system.

Impact

Successful exploitation of this path traversal vulnerability can have severe consequences. An attacker can overwrite critical system files, such as shell configuration files (.bashrc, .zshrc), SSH authorized keys (.ssh/authorized_keys), or application configuration files. This can lead to arbitrary code execution, privilege escalation, and persistent backdoor access to the affected system. The reported impact includes potential for a broken shell and unauthorized access. All users of @mobilenext/mobile-mcp versions prior to 0.0.49 are vulnerable.

Recommendation

Upgrade to @mobilenext/mobile-mcp version 0.0.49 or later to remediate the vulnerability.
Implement robust input validation for all file paths used in file system operations. Specifically, validate the saveTo and output parameters of the mobile_save_screenshot and mobile_start_screen_recording functions.
Deploy the Sigma rule “Detect Mobile-MCP Path Traversal Attempts” to your SIEM to detect attempts to exploit this vulnerability.
Monitor application logs for unusual file access patterns or attempts to write to sensitive system directories.

Path Traversal Vulnerability in API File Upload Endpoint (CVE-2026-5027)

hello@craftedsignal.io — Fri, 27 Mar 2026 15:17:04 +0000

CVE-2026-5027 exposes a critical vulnerability in the ‘POST /api/v2/files’ endpoint, where the ‘filename’ parameter within multipart form data is not properly sanitized. This flaw allows an attacker to manipulate the filename by injecting path traversal sequences such as ‘../’, leading to the ability to write files to arbitrary locations on the server’s filesystem. This vulnerability was reported by Tenable Network Security, Inc. and has a CVSS v3.1 base score of 8.8 (HIGH). Successful…

Sharp CMS Path Traversal Vulnerability (CVE-2026-33686)

hello@craftedsignal.io — Thu, 26 Mar 2026 22:16:31 +0000

Sharp CMS, a content management framework built for Laravel, is vulnerable to a path traversal attack. This vulnerability affects versions prior to 9.20.0 and stems from the FileUtil class not properly sanitizing file extensions. The flaw allows attackers to manipulate file paths by injecting path separators, potentially leading to unauthorized file access or manipulation within the storage layer. The vulnerability resides in the FileUtil::explodeExtension() function within…

Langflow Path Traversal Vulnerability (CVE-2026-33497)

hello@craftedsignal.io — Wed, 25 Mar 2026 12:00:00 +0000

Langflow, a tool designed for building and deploying AI-powered agents and workflows, is vulnerable to a path traversal attack (CVE-2026-33497) in versions prior to 1.7.1. The vulnerability resides within the download_profile_picture function of the /profile_pictures/{folder_name}/{file_name} endpoint. Due to inadequate filtering of the folder_name and file_name parameters, an attacker can manipulate these inputs to traverse directories and potentially access sensitive files, including…

Census CSWeb 8.0.1 Path Traversal Vulnerability (CVE-2025-60946)

hello@craftedsignal.io — Tue, 24 Mar 2026 12:00:00 +0000

Census CSWeb 8.0.1 is vulnerable to path traversal (CVE-2025-60946). A remote, authenticated attacker can supply arbitrary file path input and access unintended file directories. This allows the attacker to read sensitive files or potentially overwrite existing files, leading to information disclosure or code execution. The vulnerability was reported on March 23, 2026, and is fixed in version 8.1.0 alpha. Defenders should upgrade to the patched version to prevent potential exploitation of this…

Spring Cloud Config Server Path Traversal Vulnerability (CVE-2026-22739)

hello@craftedsignal.io — Tue, 24 Mar 2026 01:17:00 +0000

CVE-2026-22739 describes a path traversal vulnerability affecting Spring Cloud Config Server. The vulnerability arises when the Config Server is configured with the native file system backend and processes a request containing a profile parameter. An attacker can manipulate this parameter to access files outside the intended search directories. This issue impacts Spring Cloud versions 3.1.x before 3.1.13, 4.1.x before 4.1.9, 4.2.x before 4.2.3, 4.3.x before 4.3.2, and 5.0.x before 5.0.2. This…

Tekton Pipelines Git Resolver Path Traversal Vulnerability

hello@craftedsignal.io — Tue, 24 Mar 2026 00:16:29 +0000

The Tekton Pipelines project provides Kubernetes-style resources for declaring CI/CD pipelines. A path traversal vulnerability exists in the git resolver component, tracked as CVE-2026-33211. This vulnerability affects Tekton Pipelines versions 1.0.0 and prior to 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2. An attacker with the ability to create ResolutionRequests (e.g., through TaskRuns or PipelineRuns that utilize the git resolver) can exploit this flaw to read any file from the resolver pod’s file system. A successful exploit allows attackers to retrieve sensitive information, such as ServiceAccount tokens, which are base64-encoded and returned in resolutionrequest.status.data. The vulnerability has been patched in versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2. This poses a significant risk in multi-tenant environments where lateral movement and privilege escalation are possible.

Attack Chain

An attacker gains the ability to create TaskRuns or PipelineRuns within a Tekton Pipelines environment.
The attacker crafts a malicious ResolutionRequest that leverages the git resolver.
Within the ResolutionRequest, the attacker injects a path traversal sequence into the pathInRepo parameter, such as “../../../../etc/passwd”.
The git resolver attempts to resolve the resource using the provided path.
Due to the path traversal vulnerability, the resolver accesses the file specified by the attacker on the resolver pod’s file system.
The contents of the accessed file are read by the resolver.
The resolver encodes the file content in base64.
The base64-encoded content is returned in the resolutionrequest.status.data field, allowing the attacker to retrieve the content. This can include sensitive files such as ServiceAccount tokens.

Impact

Successful exploitation of CVE-2026-33211 allows attackers to read arbitrary files from the Tekton Pipelines resolver pod. This can lead to the compromise of sensitive information, including ServiceAccount tokens. If ServiceAccount tokens are compromised, attackers can potentially gain unauthorized access to Kubernetes resources, leading to privilege escalation, lateral movement within the cluster, and potential data exfiltration. The impact is especially high in multi-tenant environments.

Recommendation

Upgrade Tekton Pipelines to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, or 1.10.2 or later to patch CVE-2026-33211.
Implement strict RBAC policies to limit the ability to create TaskRuns and PipelineRuns to only authorized users and service accounts.
Monitor Kubernetes API audit logs for suspicious ResolutionRequest creation events (see rule: “Detect Suspicious ResolutionRequest Creation”).
Implement network policies to restrict network access from the resolver pod to only necessary resources.

Salvo Web Framework Path Traversal Vulnerability

hello@craftedsignal.io — Tue, 24 Mar 2026 00:16:29 +0000

Salvo, a Rust web framework, is vulnerable to a path traversal and access control bypass in versions 0.39.0 through 0.89.2. This vulnerability, identified as CVE-2026-33242, resides within the salvo-proxy component. The flaw allows unauthenticated, remote attackers to circumvent proxy routing restrictions and gain access to backend resources that should be protected. The root cause is the encode_url_path function’s failure to properly sanitize “../” sequences within URLs. This leads to the sequences being passed directly to the upstream server without re-encoding, thus bypassing intended access controls. Organizations using affected versions of Salvo are vulnerable until they upgrade to version 0.89.3, which contains the necessary patch.

Attack Chain

An unauthenticated attacker identifies a Salvo web server running a vulnerable version (0.39.0 - 0.89.2).
The attacker crafts a malicious HTTP request targeting a proxied endpoint.
The crafted request includes a URL containing “../” sequences to traverse directories outside the intended proxy path.
The encode_url_path function fails to properly normalize or re-encode the “../” sequence.
The unsanitized URL is forwarded to the upstream server behind the proxy.
The upstream server processes the request, granting access to unintended files or endpoints due to the path traversal.
The attacker gains unauthorized access to sensitive information, protected functionalities, or administrative interfaces.
The attacker may further exploit the compromised resource to escalate privileges or compromise the entire system.

Impact

Successful exploitation of this vulnerability allows unauthenticated attackers to bypass intended access controls and access sensitive backend resources. The CVSS v3.1 score is 7.5. This could lead to exposure of confidential data, unauthorized modification of system settings, or complete system compromise, depending on the nature of the accessible resources. The number of affected deployments is currently unknown but depends on the adoption rate of the Salvo framework.

Recommendation

Upgrade Salvo to version 0.89.3 or later to patch CVE-2026-33242.
Implement web application firewall (WAF) rules to detect and block requests containing “../” sequences in the URL, mitigating potential path traversal attempts.
Deploy the Sigma rules provided below to your SIEM to detect exploitation attempts targeting this vulnerability.
Review and harden proxy configurations to ensure proper input validation and sanitization of URLs.

UniFi Network Application Vulnerabilities CVE-2026-22557 and CVE-2026-22558

hello@craftedsignal.io — Sat, 21 Mar 2026 12:00:00 +0000

The UniFi Network Application, a central platform for managing network devices across enterprise and SMB environments, is affected by two critical vulnerabilities: CVE-2026-22557 (Path Traversal) and CVE-2026-22558 (Authenticated NoSQL Injection). These vulnerabilities impact Official Release versions 10.1.85 and earlier, Release Candidate versions 10.2.93 and earlier, and UniFi Express (UX) versions 9.0.114 and earlier. Exploitation of CVE-2026-22557 enables attackers to access and manipulate…

Evolver Path Traversal Vulnerability in `fetch` Command

hello@craftedsignal.io — Sat, 10 Aug 2024 12:00:00 +0000

The @evomap/evolver package contains a path traversal vulnerability in its fetch command, specifically affecting versions prior to 1.69.3. This flaw arises from the insufficient validation of user-supplied paths provided via the --out flag. By manipulating this flag, attackers can bypass intended directory restrictions and write files to arbitrary locations on the filesystem. This can lead to critical system file modification, potentially leading to privilege escalation and persistent backdoor installation. The vulnerability exists in the index.js file, where the application processes the --out flag without proper sanitization before writing files to the specified directory. This is particularly concerning in automated environments like CI/CD pipelines where user input might be indirectly injected into the fetch command.

Attack Chain

The attacker gains control over the input to the fetch command, including the --out flag.
The attacker crafts a malicious --out parameter containing path traversal sequences (e.g., ../../../).
The fetch command in index.js processes the --out flag and extracts the user-provided path without validation.
The application attempts to create the directory specified by the manipulated --out flag using fs.mkdirSync with the recursive option.
The application writes files (e.g., downloaded skill files) to the directory specified in the --out parameter using fs.writeFileSync, effectively writing to an arbitrary location.
If the attacker has sufficient privileges, they can overwrite critical system files or create new files in sensitive directories like /etc/cron.d.
The attacker leverages the modified files to achieve persistence (e.g., by creating a cron job).
The attacker executes malicious code, gaining unauthorized access or escalating privileges.

Impact

Successful exploitation of this vulnerability allows an attacker to write files to arbitrary locations on the filesystem. This can lead to several critical consequences, including overwriting system configuration files, installing persistent backdoors via cron jobs, modifying SSH authorized_keys for unauthorized access, and potentially achieving privilege escalation if the affected process runs with elevated privileges. The impact is particularly severe in automated environments where this tool is used to deploy code, as it opens the door for supply chain attacks. This issue affects users of @evomap/evolver prior to version 1.69.3.

Recommendation

Upgrade the @evomap/evolver package to version 1.69.3 or later to remediate the path traversal vulnerability.
Deploy the Sigma rule Detect Evolver Path Traversal Attempt to identify exploitation attempts based on command-line arguments.
Monitor process creation events for command-line arguments containing path traversal sequences like ../ when executing node or nodejs related to evolver.

SimpleHelp Path Traversal Vulnerability (CVE-2024-57728)

hello@craftedsignal.io — Tue, 25 Jun 2024 10:00:00 +0000

A path traversal vulnerability exists within SimpleHelp, identified as CVE-2024-57728. This flaw enables authenticated administrators to upload arbitrary files to any location on the server’s file system. This is achieved through the use of a specially crafted ZIP archive (a technique known as Zip Slip). Successful exploitation allows an attacker to execute arbitrary code within the security context of the SimpleHelp server user. The vulnerability impacts SimpleHelp versions 5.5.7 and earlier. Defenders should apply vendor-provided mitigations or discontinue use of the software.

Attack Chain

An attacker gains administrative access to the SimpleHelp console, either through compromised credentials or exploiting a separate authentication bypass.
The attacker crafts a malicious ZIP archive containing a file with a path traversal sequence (e.g., “../../ malicious.exe”) in its filename.
The attacker uploads the crafted ZIP archive to the SimpleHelp server through a file upload functionality available to administrators.
The SimpleHelp server extracts the contents of the ZIP archive without proper validation of the file paths.
The file with the path traversal sequence is extracted to an arbitrary location on the file system outside of the intended upload directory.
The attacker leverages a method to execute the uploaded malicious executable. This could involve overwriting an existing system utility or service executable.
The malicious executable runs with the privileges of the SimpleHelp server user.
The attacker achieves arbitrary code execution on the host, potentially leading to complete system compromise, data exfiltration, or deployment of ransomware.

Impact

Successful exploitation of CVE-2024-57728 allows an attacker to execute arbitrary code on the SimpleHelp server with the privileges of the SimpleHelp service account. This can result in a full compromise of the SimpleHelp server, potentially leading to data theft, service disruption, or further lateral movement within the network. The vulnerability affects SimpleHelp installations, and the impact is high due to the potential for complete system takeover.

Recommendation

Apply the mitigations provided by SimpleHelp to patch the vulnerability. Refer to the vendor advisory for instructions: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier
Monitor SimpleHelp server file uploads for ZIP archives containing path traversal sequences (e.g., “../”) in filenames using a file integrity monitoring system (FIM) or endpoint detection and response (EDR) solution. Deploy the “Detect SimpleHelp Path Traversal ZIP Upload” Sigma rule to identify suspicious ZIP files.
Implement strict access controls and regularly audit administrative access to the SimpleHelp console to prevent unauthorized users from exploiting the vulnerability.

Samsung MagicINFO 9 Server Path Traversal Vulnerability (CVE-2024-7399)

hello@craftedsignal.io — Wed, 19 Jun 2024 12:00:00 +0000

A critical path traversal vulnerability, identified as CVE-2024-7399, affects Samsung MagicINFO 9 Server. This flaw could be exploited by an attacker to write arbitrary files to the server with system-level privileges. Successful exploitation could lead to a complete compromise of the MagicINFO server, potentially allowing attackers to execute arbitrary code, install backdoors, or manipulate data stored on the server. Given the potential for widespread impact, organizations utilizing MagicINFO 9 Server should prioritize patching or mitigating this vulnerability immediately. The vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) catalog, highlighting its active exploitation risk.

Attack Chain

The attacker identifies a vulnerable MagicINFO 9 Server instance exposed to the network.
The attacker crafts a malicious HTTP request containing a path traversal sequence (e.g., “../”) in a file upload or download parameter.
The server improperly processes the path, failing to sanitize the input and allowing the attacker to traverse outside the intended directory.
The attacker uses the path traversal vulnerability to write a malicious file (e.g., a web shell or executable) to a sensitive directory, such as the web server’s root directory or a startup folder.
The attacker executes the malicious file, gaining arbitrary code execution on the server with system privileges.
The attacker establishes a persistent backdoor for future access, potentially installing tools for lateral movement and privilege escalation.
The attacker leverages their system privileges to access sensitive data, modify system configurations, or launch further attacks against the internal network.

Impact

Successful exploitation of CVE-2024-7399 can lead to complete system compromise, potentially affecting all connected displays and content managed by the MagicINFO server. This could result in unauthorized access to sensitive data, disruption of digital signage operations, and the potential for further attacks against the organization’s internal network. The vulnerability has been added to the CISA KEV catalog, indicating active exploitation, and therefore a high risk of exploitation.

Recommendation

Apply the mitigations provided by Samsung as described in their security update (https://security.samsungtv.com/securityUpdates).
If mitigations are unavailable, discontinue use of the product, as suggested by CISA.
Monitor web server logs for suspicious requests containing path traversal sequences (e.g., “../”) targeting the MagicINFO server. Use the MagicINFO Path Traversal Attempt Sigma rule to detect such attempts in web server logs.
Implement strict input validation and sanitization for all file upload and download functionalities on the MagicINFO server.
Monitor for the creation of unexpected files in sensitive directories, such as web server root directories or system startup folders. Use the Suspicious File Creation in Web Directories Sigma rule to detect such activity.

JetBrains TeamCity Relative Path Traversal Vulnerability (CVE-2024-27199)

hello@craftedsignal.io — Mon, 29 Apr 2024 12:00:00 +0000

CVE-2024-27199 is a relative path traversal vulnerability affecting JetBrains TeamCity, a continuous integration and deployment server. This vulnerability allows attackers to perform limited administrative actions by manipulating file paths. JetBrains released a patch for this vulnerability in version 2023.11.4. CISA has added CVE-2024-27199 to its Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild, including its use in ransomware attacks. The vulnerability poses a significant risk to organizations using TeamCity, potentially leading to unauthorized access, data breaches, and system compromise.

Attack Chain

The attacker identifies a vulnerable TeamCity server exposed to the internet.
The attacker crafts a malicious HTTP request containing a relative path traversal sequence (e.g., ../../) within a URL parameter related to administrative functions.
The TeamCity server processes the crafted request without proper sanitization of the file path.
The relative path traversal allows the attacker to access or modify restricted files or directories outside the intended scope.
The attacker leverages the ability to perform limited admin actions, potentially modifying user permissions or injecting malicious code.
The attacker escalates privileges, gaining full control over the TeamCity server.
The attacker deploys ransomware to connected systems, encrypting data and demanding a ransom for its release.

Impact

Successful exploitation of CVE-2024-27199 can lead to complete compromise of the TeamCity server and connected build agents. Due to TeamCity’s central role in software development and deployment pipelines, this can lead to significant disruption, data loss, and potential supply chain attacks. The vulnerability has been linked to ransomware attacks, causing financial losses, reputational damage, and operational downtime for affected organizations.

Recommendation

Apply the vendor-supplied patch by upgrading to TeamCity version 2023.11.4 or later to remediate CVE-2024-27199 (https://www.jetbrains.com/privacy-security/issues-fixed/).
Deploy the Sigma rules provided in this brief to detect exploitation attempts against TeamCity servers.
Follow CISA’s BOD 22-01 guidance for cloud services to ensure proper security configurations and monitoring are in place.

ConnectWise ScreenConnect Path Traversal Vulnerability (CVE-2024-1708)

hello@craftedsignal.io — Mon, 29 Apr 2024 12:00:00 +0000

CVE-2024-1708 is a critical path traversal vulnerability affecting ConnectWise ScreenConnect. This flaw could allow an unauthenticated attacker to execute remote code or directly access confidential data and critical systems. ConnectWise released security bulletin 23.9.8 to address this vulnerability. Given the potential for remote code execution and data compromise, this vulnerability poses a significant risk to organizations using ConnectWise ScreenConnect, potentially allowing full system takeover. CISA added this to their KEV catalog and recommends applying mitigations per vendor instructions, following BOD 22-01 guidance for cloud services, or discontinuing use of the product if mitigations are unavailable.

Attack Chain

An unauthenticated attacker identifies a ConnectWise ScreenConnect server exposed to the internet.
The attacker crafts a malicious HTTP request containing a path traversal payload targeting a vulnerable endpoint within ScreenConnect. This payload is designed to bypass authentication checks.
The ScreenConnect server processes the malicious request, and the path traversal vulnerability allows the attacker to access files outside of the intended webroot directory.
The attacker leverages the file access to read sensitive configuration files, potentially containing credentials or other sensitive information.
Alternatively, the attacker uploads a malicious executable (e.g., a web shell) to a writeable directory accessible via path traversal.
The attacker executes the uploaded web shell, gaining remote code execution on the ScreenConnect server.
The attacker uses the compromised ScreenConnect server as a pivot point to move laterally within the internal network, escalating privileges and compromising additional systems.
The attacker exfiltrates sensitive data or deploys ransomware, disrupting business operations and causing significant financial damage.

Impact

Successful exploitation of CVE-2024-1708 can lead to complete compromise of ConnectWise ScreenConnect servers and potentially the entire network. Attackers could exfiltrate sensitive data, deploy ransomware, or use the compromised systems for lateral movement. Given the widespread use of ScreenConnect in MSP environments, a successful attack could impact numerous downstream clients, causing widespread disruption.

Recommendation

Apply the mitigations provided by ConnectWise in security bulletin 23.9.8 to patch CVE-2024-1708.
Deploy the Sigma rule “Detect Suspicious ScreenConnect Path Traversal Attempts” to identify potential exploitation attempts in web server logs.
Monitor network traffic for suspicious outbound connections originating from ScreenConnect servers, as this could indicate post-exploitation activity.
Review and harden the configuration of ConnectWise ScreenConnect servers, following security best practices to minimize the attack surface.

Kentico Xperience Path Traversal Vulnerability (CVE-2025-2749)

hello@craftedsignal.io — Tue, 30 Jan 2024 12:00:00 +0000

CVE-2025-2749 is a path traversal vulnerability affecting Kentico Xperience, a digital experience platform. This vulnerability allows an authenticated user, specifically one with access to the Staging Sync Server, to upload arbitrary data to path-relative locations on the server. The vulnerability stems from insufficient validation of file paths during the staging synchronization process. Successful exploitation of this vulnerability could lead to arbitrary file uploads, potentially overwriting critical system files or introducing malicious code. This could enable an attacker to achieve remote code execution, compromise sensitive data, or disrupt the availability of the Kentico Xperience instance. Due to the potential for significant impact, organizations using Kentico Xperience should apply mitigations as soon as possible.

Attack Chain

An attacker gains valid credentials for a Kentico Xperience user account that has access to the Staging Sync Server.
The attacker crafts a malicious payload containing a path traversal sequence (e.g., “../../../”) within the file path.
The attacker initiates a staging synchronization process, sending the crafted payload to the Staging Sync Server.
The Staging Sync Server, due to insufficient path validation, processes the payload and attempts to upload the data to the attacker-specified path.
The system uploads the arbitrary data to an unintended location due to the path traversal vulnerability.
If the uploaded file overwrites an existing executable, the attacker may achieve remote code execution.
Alternatively, the uploaded file could contain a web shell allowing the attacker to execute commands on the server.
The attacker exploits the uploaded web shell or executable to gain further access and compromise the system.

Impact

Successful exploitation of CVE-2025-2749 can lead to arbitrary file uploads on the Kentico Xperience server. This could result in several severe consequences, including remote code execution, data compromise, and denial of service. While the exact number of affected organizations is unknown, organizations in various sectors rely on Kentico Xperience for their web content management needs. If exploited, attackers could gain complete control over the affected systems, leading to significant financial and reputational damage.

Recommendation

Apply mitigations per vendor instructions, specifically the hotfixes available on the Kentico devnet portal to address CVE-2025-2749.
Follow applicable BOD 22-01 guidance for cloud services if the Kentico Xperience instance is hosted in a cloud environment.
Deploy the Sigma rule “Detect Kentico Staging Sync Path Traversal Attempt” to monitor for suspicious file uploads with path traversal sequences in web server logs.
Regularly review and audit user accounts with access to the Staging Sync Server to minimize the risk of compromised credentials.

i18next-http-middleware Prototype Pollution and Path Traversal Vulnerability

hello@craftedsignal.io — Fri, 26 Jan 2024 12:00:00 +0000

i18next-http-middleware versions prior to 3.9.3 are susceptible to prototype pollution, path traversal, and SSRF attacks. The vulnerability stems from the insufficient validation of the lng (language) and ns (namespace) parameters passed via HTTP requests to the getResourcesHandler and the missingKeyHandler. These handlers, intended to serve localization resources, expose attack surface because they process user-controlled input without proper sanitization. This allows attackers to manipulate object properties, access unintended files or internal services, and cause denial-of-service conditions. The vulnerability was discovered via an internal security audit. Defenders should upgrade to version 3.9.3 to remediate the risks.

Attack Chain

The attacker crafts an HTTP GET request to the /locales/resources.json endpoint, targeting the getResourcesHandler.
The request includes malicious lng and ns query parameters, such as lng=__proto__&ns=isAdmin, or ns=../../etc/passwd.
The getResourcesHandler extracts the lng and ns parameters without sufficient validation.
The lng and ns values are passed to utils.setPath(resources, [lng, ns], ...) which allows writing to the Object prototype if lng is __proto__.
The lng and ns values are passed to i18next.services.backendConnector.load(languages, namespaces, ...) to load resource bundles. With filesystem or HTTP backends, this can enable path traversal or SSRF if ns or lng contain malicious path segments.
Alternatively, the attacker sends a POST request with a body containing a malicious __proto__ key to missingKeyHandler, for example {"__proto__": {"isAdmin": true}}.
The missingKeyHandler iterates over the request body using for...in, including inherited prototype properties, and forwards the malicious data into saveMissing.
Successful exploitation leads to prototype pollution, arbitrary file access, SSRF, or denial of service.

Impact

Successful exploitation can have significant consequences. Prototype pollution allows attackers to manipulate object properties globally, leading to broken authorization checks (e.g., bypassing if (user.isAdmin)), type confusion errors, or potentially remote code execution. Path traversal enables access to sensitive files on the server, like configuration files or password databases, while SSRF allows attackers to interact with internal services. Finally, the unbounded growth of the i18next.options.ns list and repeated backend load calls can lead to denial of service due to memory and CPU exhaustion. This can impact availability of the service and potentially other services on the same host.

Recommendation

Upgrade to i18next-http-middleware version 3.9.3 or later to address the vulnerabilities.
Deploy the Sigma rules provided below to detect exploitation attempts targeting the getResourcesHandler and missingKeyHandler endpoints.
If upgrading is not immediately feasible, implement a WAF rule as a partial mitigation to block requests containing __proto__, constructor, prototype, .., or control characters in lng/ns query parameters or body keys as suggested in the advisory.

i18next-fs-backend Path Traversal Vulnerability

hello@craftedsignal.io — Thu, 25 Jan 2024 12:00:00 +0000

The i18next-fs-backend library, a file system backend for the i18next internationalization framework, is vulnerable to a path traversal attack in versions prior to 2.6.4. This vulnerability arises from the unsanitized use of the lng (language) and ns (namespace) parameters when constructing file paths for loading and writing locale files. If an application exposes the language code to user input, an attacker can craft a malicious lng or ns value containing directory traversal sequences (e.g., ../) to escape the intended locale directory. Successful exploitation can lead to arbitrary file read, arbitrary file overwrite, and, if .js or .ts files are used for localization, arbitrary code execution. This vulnerability highlights the importance of input validation, especially when constructing file paths from user-controlled data. The vulnerability was patched in version 2.6.4.

Attack Chain

An attacker identifies an application using a vulnerable version of i18next-fs-backend (versions prior to 2.6.4) and exposes the language code to user input via query parameters (e.g., ?lng=), cookies, or request headers.
The attacker crafts a malicious lng value containing directory traversal sequences, such as ../../../../etc, to target sensitive files outside the intended locale directory.
The attacker sends a request to the application with the crafted lng parameter.
The application passes the unsanitized lng value to the i18next.t() function.
The i18next-fs-backend library interpolates the malicious lng value into the loadPath configuration option, without proper validation. For example, loadPath: '/locales/{{lng}}/{{ns}}.json' becomes /locales/../../../../etc/{{ns}}.json.
The backend attempts to read the file specified by the crafted path (e.g., /etc/passwd).
If successful, the contents of the targeted file are returned as a translation resource, potentially exposing sensitive information. If the attacker crafted the lng or ns value to point to a .js or .ts file containing malicious code, the backend will execute the file using eval(), leading to arbitrary code execution on the server.
Alternatively, if the application attempts to write a missing translation key using the crafted path (via addPath), the attacker could overwrite arbitrary files on the system, potentially leading to application compromise.

Impact

Successful exploitation of this vulnerability can have severe consequences. Arbitrary file read allows attackers to access sensitive data, such as configuration files, database credentials, or application source code. Arbitrary file overwrite can lead to application malfunction or complete compromise. If the application uses .js or .ts files for localization and the attacker is able to inject malicious code into those files through path traversal, arbitrary code execution can result, potentially allowing the attacker to gain full control of the server. The number of victims depends on the popularity and configuration of applications using the vulnerable i18next-fs-backend library.

Recommendation

Upgrade to i18next-fs-backend version 2.6.4 or later to patch the path traversal vulnerability as this version introduces the isSafePathSegment and interpolatePath functions to sanitize the path.
If upgrading is not immediately feasible, sanitize the lng and ns values at the application boundary before passing them to i18next. Reject values containing .., /, \, control characters, and limit the length to prevent path traversal as mentioned in the advisory.
If using .js or .ts locale files, carefully review them for any suspicious or unexpected code. The advisory highlights that these files must be treated as trusted code.
Monitor web server logs for suspicious requests containing directory traversal sequences in the lng or ns parameters. Deploy the first Sigma rule for this purpose.

Kaggle-MCP Path Traversal Vulnerability in prepare_kaggle_dataset Function

hello@craftedsignal.io — Tue, 09 Jan 2024 10:00:00 +0000

A path traversal vulnerability has been identified in the kaggle-mcp project, specifically affecting versions up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. The vulnerability resides within the prepare_kaggle_dataset function located in the src/kaggle_mcp/server.py file. Successful exploitation allows a remote attacker to read sensitive files from the server. The vulnerability stems from insufficient sanitization of the competition_id argument. The exploit is publicly known, increasing the risk of widespread exploitation. The project uses a rolling release model, making it difficult to pinpoint specific affected versions. The maintainers have been notified but have not yet addressed the issue.

Attack Chain

The attacker identifies a vulnerable kaggle-mcp instance.
The attacker crafts a malicious HTTP request targeting the endpoint that utilizes the prepare_kaggle_dataset function.
The attacker injects a path traversal sequence (e.g., ../) into the competition_id parameter of the HTTP request.
The application fails to properly sanitize the competition_id parameter.
The prepare_kaggle_dataset function uses the unsanitized competition_id to construct a file path.
The application accesses a file outside of the intended directory due to the path traversal.
The attacker receives the contents of the accessed file in the HTTP response.
The attacker repeats this process to enumerate and exfiltrate sensitive files, potentially gaining access to credentials, configuration files, or source code.

Impact

Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the server hosting the kaggle-mcp application. This can lead to the disclosure of sensitive information, such as configuration files containing database credentials, API keys, or source code. This information can be further leveraged to compromise other systems or data. The number of potential victims is unknown, but depends on the adoption rate of the vulnerable kaggle-mcp application.

Recommendation

Inspect web server logs for HTTP requests containing path traversal sequences (e.g., ../, ..%2f) in the cs-uri-query field targeting endpoints associated with the prepare_kaggle_dataset function using the provided Sigma rule.
Implement input validation and sanitization on the competition_id parameter to prevent path traversal attacks.
Monitor web server logs for unusual file access patterns originating from the kaggle-mcp application based on the provided Sigma rule.

Xerte Online Toolkits Path Traversal Vulnerability

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

Xerte Online Toolkits, a tool used to create online learning materials, is vulnerable to a path traversal vulnerability (CVE-2026-34414) in versions 3.15 and earlier. The vulnerability exists in the elFinder connector endpoint at /editor/elfinder/php/connector.php. The name parameter within rename commands is not properly sanitized, allowing attackers to use directory traversal sequences (e.g., ../) to manipulate file locations. This flaw can be exploited to overwrite application files, inject stored cross-site scripting (XSS), or, when combined with other vulnerabilities, achieve unauthenticated remote code execution (RCE). This poses a significant threat to organizations utilizing affected versions of Xerte Online Toolkits, potentially leading to data breaches, system compromise, and reputational damage.

Attack Chain

An attacker identifies a vulnerable Xerte Online Toolkits instance running version 3.15 or earlier.
The attacker crafts a malicious HTTP request to /editor/elfinder/php/connector.php targeting the rename command.
Within the request, the name parameter contains directory traversal sequences (e.g., ../../) and the desired destination path.
The server, due to insufficient input validation, processes the request without properly sanitizing the name parameter.
The attacker moves a file (e.g., an uploaded image or media file) from its original project media directory to a new location specified within the malicious name parameter. This could involve moving a file to the application root directory.
If the attacker moves a specifically crafted PHP file to the application root and the webserver is configured to execute PHP files in the root, the attacker can then access this file via a web request.
The attacker executes arbitrary code on the server.
The attacker gains complete control of the Xerte Online Toolkits instance and potentially the underlying server.

Impact

Successful exploitation of this vulnerability can lead to several critical consequences. Attackers can overwrite sensitive application files, leading to denial of service or system instability. The injection of malicious JavaScript code can result in stored cross-site scripting (XSS) attacks, compromising user accounts and data. The most severe outcome is unauthenticated remote code execution (RCE), enabling attackers to gain complete control over the affected server, potentially leading to data breaches, malware deployment, and further lateral movement within the network. The CVSS v3.1 base score for this vulnerability is 7.1, indicating a high level of risk.

Recommendation

Upgrade Xerte Online Toolkits to a version greater than 3.15 to patch CVE-2026-34414.
Deploy the Sigma rule Detect Suspicious Path Traversal in Xerte Connector to identify attempted exploitation of the path traversal vulnerability by monitoring requests to /editor/elfinder/php/connector.php with directory traversal sequences.
Implement input validation and sanitization on the name parameter within the elFinder connector to prevent path traversal attacks.
Review web server configurations to prevent the execution of PHP files from the web root directory.

pygeoapi Path Traversal Vulnerability in STAC FileSystemProvider

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

A path traversal vulnerability has been identified in pygeoapi versions 0.23.0, 0.23.1, and 0.23.2, specifically within the STAC (Spatially Aware Catalog) FileSystemProvider plugin. This flaw allows unauthenticated attackers to access unauthorized directories by manipulating URL paths, particularly when pygeoapi is deployed without a proxy or web front end that normalizes URLs containing .. sequences. The vulnerability arises from improper handling of raw string path concatenation, making systems with STAC collection-based resources in their configuration susceptible to unauthorized file system access. This issue was resolved in version 0.23.3.

Attack Chain

An attacker crafts a malicious HTTP request targeting a pygeoapi instance configured with a STAC collection resource.
The crafted request includes a URL containing path traversal sequences (e.g., ../) to navigate the file system.
pygeoapi’s STAC FileSystemProvider plugin receives the request and attempts to resolve the file path.
Due to the raw string path concatenation vulnerability, the path traversal sequences are not properly sanitized.
The application constructs an incorrect file path, allowing access to files and directories outside of the intended STAC collection directory.
The attacker retrieves sensitive information or configuration files located in the exposed directories.
The attacker could potentially use the exposed information to further compromise the system.
The final objective is unauthorized access to sensitive data and potentially system compromise.

Impact

The path traversal vulnerability in pygeoapi allows unauthorized access to directories and files, potentially exposing sensitive data, configuration files, or even source code. The impact depends on the data stored in the exposed directories. Successful exploitation can lead to information disclosure, privilege escalation, and further system compromise. Organizations using vulnerable pygeoapi versions are at risk until they upgrade to version 0.23.3 or implement the recommended workaround.

Recommendation

Upgrade to pygeoapi version 0.23.3 to patch the vulnerability as detailed in the advisory (https://github.com/advisories/GHSA-f6pr-83pg-ghh6).
As an immediate mitigation, disable STAC collection-based resources in the pygeoapi configuration as described in the advisory (https://github.com/advisories/GHSA-f6pr-83pg-ghh6).
Deploy the Sigma rule “pygeoapi Path Traversal Attempt” to detect exploitation attempts in web server logs.

Path Traversal Vulnerability in WilliamCloudQi matlab-mcp-server

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

A path traversal vulnerability, identified as CVE-2026-7272, affects WilliamCloudQi’s matlab-mcp-server up to commit ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The vulnerability resides within the MCP Interface component, specifically in the generate_matlab_code/execute_matlab_code function of the src/index.ts file. A remote attacker can exploit this flaw by manipulating the scriptPath argument, allowing them to traverse the file system and potentially access sensitive files or execute arbitrary code on the server. This vulnerability is remotely exploitable, and an exploit is publicly available. The vendor was notified but has not yet responded. This poses a significant risk to systems running vulnerable versions of matlab-mcp-server.

Attack Chain

The attacker identifies a vulnerable instance of WilliamCloudQi matlab-mcp-server running a version up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca.
The attacker crafts a malicious HTTP request targeting the generate_matlab_code or execute_matlab_code function.
The malicious request includes a manipulated scriptPath argument containing path traversal sequences (e.g., ../, ..%2f).
The server-side code, without proper validation, uses the attacker-controlled scriptPath to access a file.
The attacker uses the path traversal to navigate to a sensitive file outside the intended directory (e.g., /etc/passwd).
The server reads the contents of the arbitrary file due to the path traversal.
The server includes the contents of the sensitive file in the response sent back to the attacker.
The attacker retrieves the sensitive information from the server’s response, such as configuration files, credentials, or source code.

Impact

Successful exploitation of this vulnerability allows a remote attacker to read arbitrary files on the server. This can lead to the disclosure of sensitive information, including configuration files, credentials, source code, or other data stored on the server’s file system. This information can then be used for further attacks, such as privilege escalation or lateral movement within the network. The number of potential victims is unknown, but any system running a vulnerable version of matlab-mcp-server is at risk.

Recommendation

Apply appropriate input validation and sanitization to the scriptPath argument in the generate_matlab_code and execute_matlab_code functions to prevent path traversal attacks.
Deploy the Sigma rules provided in this brief to your SIEM to detect potential exploitation attempts targeting this vulnerability.
Monitor web server logs for suspicious requests containing path traversal sequences (e.g., ../, ..%2f) in the scriptPath parameter.

Pardus Software Center Path Traversal Vulnerability (CVE-2026-5166)

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

CVE-2026-5166 is a critical path traversal vulnerability discovered in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center, affecting versions prior to 1.0.3. This vulnerability allows an attacker to bypass directory restrictions and potentially access sensitive files or execute arbitrary code on the underlying system. Path traversal vulnerabilities arise when an application does not properly sanitize user-supplied input used to construct file paths. This can lead to unauthorized access and modification of data, potentially leading to a full system compromise. The vulnerability was published on 2026-04-29, but due to its severity, detection engineers should prioritize creating detections for it.

Attack Chain

The attacker identifies an endpoint in Pardus Software Center that accepts file paths as input.
The attacker crafts a malicious request containing a path traversal payload, such as “../../../etc/passwd”.
The application fails to properly sanitize the input, allowing the path traversal sequence to be processed.
The application constructs a file path using the unsanitized input, effectively escaping the intended directory.
The application attempts to access the file specified by the attacker-controlled path.
If successful, the attacker can read sensitive files such as configuration files, user data, or system binaries.
The attacker may leverage the ability to read sensitive files to gain further information about the system, such as user credentials or system configuration.
The attacker can then exploit this information to escalate privileges or compromise other parts of the system.

Impact

Successful exploitation of CVE-2026-5166 can lead to unauthorized access to sensitive data, including configuration files, user data, and system binaries. This could allow an attacker to steal credentials, escalate privileges, or compromise the entire system. Given the CVSS v3.1 base score of 9.6, this vulnerability poses a critical risk to systems running affected versions of Pardus Software Center. The exact number of affected systems is currently unknown, but organizations using this software are urged to apply mitigations immediately.

Recommendation

Upgrade Pardus Software Center to version 1.0.3 or later to patch CVE-2026-5166.
Deploy the Sigma rule Pardus Software Center Path Traversal Attempt to detect exploitation attempts in web server logs.
Monitor web server logs for suspicious requests containing path traversal sequences like “../” or “.." to detect potential exploitation attempts.

OpenMRS ModuleResourcesServlet Path Traversal Vulnerability

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

OpenMRS Core, a widely used open-source medical record system, is vulnerable to a path traversal attack via the ModuleResourcesServlet. This flaw affects versions up to 2.7.8 and versions 2.8.0 through 2.8.5. An unauthenticated attacker can exploit this vulnerability by crafting a malicious URL to read arbitrary files from the server’s filesystem. The vulnerability exists because the ModuleResourcesServlet component fails to properly validate user-supplied path input when serving static module resources. This vulnerability is particularly critical because the affected endpoint is not protected by authentication filters, and successful exploitation depends on running Apache Tomcat versions before 8.5.31 or prior to 9.0.10.

Attack Chain

The attacker identifies a vulnerable OpenMRS instance running on a susceptible Tomcat version.
The attacker identifies a valid module ID installed on the target OpenMRS instance (e.g., legacyui).
The attacker crafts a malicious HTTP GET request to the /openmrs/moduleResources/{moduleid} endpoint containing a path traversal sequence (e.g., ..;) within the URL. The request attempts to access a sensitive file, such as /etc/passwd.
The ModuleResourcesServlet receives the request and extracts the path information without proper validation.
The application constructs a file path by concatenating the web application root, module path, module ID, “resources,” and the attacker-supplied path.
Due to missing path sanitization and normalization, the resulting file path points to the attacker-specified file outside the intended resources directory.
The server reads the content of the arbitrary file (e.g., /etc/passwd).
The server returns the file content in the HTTP response to the attacker, resulting in information disclosure.

Impact

Successful exploitation allows an unauthenticated attacker to read arbitrary files on the OpenMRS server. This can lead to the exposure of sensitive information, including system configuration files containing database credentials, potentially compromising the entire application and patient data. The number of affected deployments is unknown, but any OpenMRS instance running vulnerable versions on older Tomcat installations is at risk.

Recommendation

Upgrade OpenMRS Core to a patched version beyond 2.8.5 to address CVE-2026-40075.
As a short-term mitigation, upgrade Apache Tomcat to version 8.5.31 or later, or 9.0.10 or later, to leverage container-level path traversal protection.
Deploy the following Sigma rule to detect exploitation attempts against the vulnerable ModuleResourcesServlet endpoint.
Monitor web server logs for suspicious URL patterns containing path traversal sequences (../, ..;, %2e%2e%2f) targeting the /openmrs/moduleResources/ path.

MCPHub Path Traversal Vulnerability via Malicious MCPB Manifest Name

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

MCPHub is vulnerable to a path traversal vulnerability affecting versions prior to 0.12.13. The vulnerability exists in the MCPB file upload handler, which extracts a ZIP file and reads the manifest.json file. The name field from the manifest is directly concatenated into the file path without any sanitization or path traversal character validation. This allows an attacker to craft a malicious MCPB file with a manifest.name containing directory traversal sequences (e.g., ../../../etc/malicious), leading to arbitrary file extraction and potential directory deletion via the cleanupOldMcpbServer function. This vulnerability poses a significant risk to systems running vulnerable versions of MCPHub, potentially allowing attackers to overwrite critical system files or execute arbitrary code.

Attack Chain

An attacker crafts a malicious MCPB file.
The malicious MCPB file contains a manifest.json file with a name field set to a path traversal string (e.g., ../../../tmp/evil).
The attacker uploads the malicious MCPB file to the /mcpb/upload endpoint.
The uploadMcpbFile function extracts the uploaded MCPB file to a temporary directory.
The function reads and parses the manifest.json file from the temporary directory.
The manifest.name value (containing the path traversal string) is used to construct the final extraction directory path using path.join.
The server attempts to create the directory specified by the crafted path and moves the extracted files to this location. Due to the path traversal, the files are written outside the intended directory.
The cleanupOldMcpbServer function may be triggered, attempting to delete directories based on the unsanitized name, though constrained to the upload directory.

Impact

Successful exploitation of this path traversal vulnerability allows an attacker to write files to arbitrary locations on the server’s file system. This could lead to overwriting critical system files, injecting malicious code into existing applications, or gaining unauthorized access to sensitive data. The exact impact depends on the permissions of the user running the MCPHub application and the contents of the files being written. If the attacker can overwrite executable files or configuration files, they could achieve arbitrary code execution and full system compromise.

Recommendation

Apply the remediation recommendations from the original advisory: Use path.basename() to strip directory components from manifest.name, and enforce a strict character whitelist before use.
Deploy the Sigma rule “Detect MCPHub Path Traversal Attempt via Manifest Name” to identify attempts to exploit this vulnerability by monitoring for specific path traversal sequences in the manifest name (see Sigma rule).
Upgrade MCPHub to version 0.12.13 or later to patch this vulnerability.

florensiawidjaja BioinfoMCP Path Traversal Vulnerability

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

A path traversal vulnerability, identified as CVE-2026-7398, affects the BioinfoMCP platform developed by florensiawidjaja. The vulnerability resides in the Upload function within the bioinfo_mcp_platform/app.py file. An attacker can exploit this weakness remotely by manipulating the Name argument during file uploads, allowing them to write files to arbitrary locations on the server. This poses a significant security risk, potentially leading to code execution, data compromise, or denial of service. The exploit is publicly available, increasing the likelihood of exploitation. The BioinfoMCP project utilizes continuous delivery with rolling releases, making it difficult to determine specific affected and patched versions. The project has been notified through an issue report, but no response has been received.

Attack Chain

An attacker identifies an accessible BioinfoMCP instance.
The attacker crafts a malicious HTTP request targeting the Upload endpoint.
Within the request, the ‘Name’ argument is manipulated to include path traversal sequences (e.g., ../../).
The server-side application fails to properly sanitize or validate the ‘Name’ argument.
The application constructs a file path using the attacker-controlled ‘Name’ argument.
The application writes the uploaded file to the attacker-specified location outside of the intended upload directory.
The attacker uploads a malicious file (e.g., a web shell or executable).
The attacker executes the uploaded file, potentially gaining control of the server.

Impact

Successful exploitation of this path traversal vulnerability could allow an attacker to overwrite critical system files, execute arbitrary code on the server, and potentially gain complete control of the affected system. Due to the lack of specific versioning and deployment details, the number of potentially affected instances is unknown. However, given the publicly available exploit, any unpatched BioinfoMCP instance is at immediate risk of compromise. The impact includes potential data breaches, service disruption, and reputational damage.

Recommendation

Inspect web server logs for suspicious requests containing path traversal sequences (e.g., ../) in the cs-uri-query targeting the /app.py endpoint, activating the Sigma rule Detect BioinfoMCP Path Traversal Attempt.
Deploy the Sigma rule Detect BioinfoMCP Upload of Executable Files to identify potential malicious file uploads following exploitation.
Implement strict input validation and sanitization on all user-supplied input, especially the ‘Name’ argument in the Upload function within the bioinfo_mcp_platform/app.py file, to mitigate CVE-2026-7398.

AzuraCast Path Traversal Leads to Remote Code Execution

hello@craftedsignal.io — Wed, 03 Jan 2024 12:00:00 +0000

AzuraCast, a self-hosted web radio management suite, is susceptible to a critical path traversal vulnerability (CVE-2026-42605) in its Flow.js media upload endpoint (/api/station/{station_id}/files/upload). This flaw allows an authenticated user with media management permissions, such as a DJ or station manager, to bypass file storage directory restrictions. By manipulating the currentDirectory parameter during file uploads, attackers can write arbitrary files to locations outside the intended media directory. The vulnerability is present in versions up to and including 0.23.5, and exploitation leads to remote code execution via PHP webshell upload, potentially resulting in full server compromise. The default local filesystem storage backend is required for exploitation; S3 or remote storage is not vulnerable.

Attack Chain

The attacker authenticates to the AzuraCast web interface with a valid user account that has the StationPermissions::Media permission (e.g., DJ or Station Manager).
The attacker crafts a malicious HTTP POST request to the /api/station/{station_id}/files/upload endpoint, targeting a station that uses local storage.
The request includes a currentDirectory parameter containing path traversal sequences (e.g., ../../../../../var/azuracast/www/public).
The request also includes a PHP webshell file (shell.php) as the file_data parameter.
The server-side code in FlowUploadAction.php concatenates the unsanitized currentDirectory value with the sanitized filename.
The server attempts to process the uploaded file, but the .php extension triggers a CannotProcessMediaException.
The finally block in MediaProcessor.php executes, calling LocalFilesystem::upload() to copy the file to the concatenated path, bypassing normal path sanitization due to PathPrefixer::prefixPath().
The webshell is written to the web root, allowing the attacker to execute arbitrary commands by accessing the webshell via HTTP.

Impact

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the AzuraCast server. This can lead to full server compromise, including reading sensitive configuration files (database credentials, API keys), accessing all station data, modifying application code, and potentially escalating privileges to root. A DJ-level user, the lowest privileged role with media access, can achieve the equivalent of full system administrator access, resulting in data exfiltration and complete control over the AzuraCast instance.

Recommendation

Apply the vendor-provided patch by sanitizing the currentDirectory parameter in FlowUploadAction.php using UploadedFile::filterClientPath() to prevent path traversal.
Implement path normalization in LocalFilesystem::upload() to prevent traversal even after concatenation, as described in the advisory.
Deploy the Sigma rule “Detect AzuraCast Webshell Upload via Path Traversal” to identify exploitation attempts based on suspicious currentDirectory parameters.
Monitor web server logs for access to unusual PHP files in the web root directory, such as shell.php as described in the PoC.
Ensure that AzuraCast instances do not grant excessive permissions to users; minimize the number of accounts with StationPermissions::Media.

MLOps_MCP Path Traversal Vulnerability (CVE-2026-7213)

hello@craftedsignal.io — Tue, 02 Jan 2024 12:00:00 +0000

A path traversal vulnerability, identified as CVE-2026-7213, has been discovered in ef10007 MLOps_MCP version 1.0.0. The vulnerability resides within the fastmcp_server.py file of the save_file Tool component. It allows a remote attacker to perform path traversal by manipulating the filename/destination argument. The existence of a public exploit increases the risk of exploitation. The vendor has been notified but has not yet responded, leaving users vulnerable to potential attacks. This vulnerability poses a significant risk to systems utilizing the affected MLOps_MCP instance, potentially leading to unauthorized file access, modification, or even execution.

Attack Chain

The attacker identifies an instance of MLOps_MCP version 1.0.0 accessible remotely.
The attacker crafts a malicious request targeting the fastmcp_server.py file of the save_file Tool component.
Within the request, the attacker manipulates the filename/destination argument to include a path traversal sequence (e.g., ../../).
The MLOps_MCP application processes the crafted request without proper validation of the supplied path.
The application attempts to save the file to the attacker-specified path, traversing directories outside the intended storage location.
Depending on the server’s permissions, the attacker may be able to overwrite existing files or create new files in arbitrary locations.
If the attacker overwrites a critical system file, it can lead to denial of service.
If the attacker uploads and executes a malicious script, it can lead to complete system compromise.

Impact

Successful exploitation of this path traversal vulnerability (CVE-2026-7213) can lead to unauthorized file access, modification, or creation on the affected system. An attacker could potentially overwrite critical system files, leading to denial-of-service conditions. Furthermore, the attacker might be able to upload and execute malicious scripts, resulting in complete system compromise. The CVSS v3.1 base score of 7.3 indicates a high level of severity.

Recommendation

Deploy the Sigma rule Detect MLOps_MCP Path Traversal Attempt to your SIEM to detect path traversal attempts targeting fastmcp_server.py based on HTTP request parameters.
Implement input validation and sanitization measures on the filename/destination argument within the save_file Tool component to prevent path traversal attacks.
Monitor web server logs for suspicious requests containing path traversal sequences (e.g., ../, ..\\) as detected by the Detect Web Server Path Traversal rule.

geekgod382 filesystem-mcp-server Path Traversal Vulnerability (CVE-2026-7400)

hello@craftedsignal.io — Tue, 02 Jan 2024 12:00:00 +0000

A critical path traversal vulnerability, identified as CVE-2026-7400, affects geekgod382 filesystem-mcp-server version 1.0.0. This vulnerability resides within the is_path_allowed function in the server.py file, specifically in the read_file_tool/write_file_tool component. A remote attacker can exploit this weakness to bypass intended access restrictions and potentially read or write sensitive files outside the designated directories. Publicly available exploit code exists, increasing the urgency for remediation. Upgrade to version 1.1.0 to apply the patch (45364545fc60dc80aadcd4379f08042d3d3d292e) and mitigate this risk. This vulnerability allows attackers to potentially gain unauthorized access to the underlying system.

Attack Chain

The attacker identifies a vulnerable instance of filesystem-mcp-server version 1.0.0 exposed to the network.
The attacker crafts a malicious request targeting the read_file_tool or write_file_tool component.
The crafted request includes a path traversal sequence (e.g., ../) within the file path parameter.
The is_path_allowed function fails to properly sanitize the input path, allowing the traversal sequence to bypass intended restrictions.
The application processes the request, accessing a file outside the intended directory.
If using read_file_tool, the contents of the unauthorized file are returned to the attacker.
If using write_file_tool, the attacker can overwrite legitimate files, potentially injecting malicious code.
Successful exploitation allows the attacker to read sensitive information or achieve arbitrary code execution on the server.

Impact

Successful exploitation of this path traversal vulnerability (CVE-2026-7400) can allow an attacker to read arbitrary files from the affected server, potentially exposing sensitive data such as configuration files, credentials, or internal documents. If the write_file_tool is exploited, the attacker might overwrite critical system files, leading to denial of service or arbitrary code execution. This issue affects systems running geekgod382 filesystem-mcp-server version 1.0.0.

Recommendation

Upgrade to geekgod382 filesystem-mcp-server version 1.1.0 to apply the patch (45364545fc60dc80aadcd4379f08042d3d3d292e) that fixes CVE-2026-7400.
Deploy the Sigma rule “filesystem-mcp-server Path Traversal Attempt” to detect potential exploitation attempts against the filesystem-mcp-server.
Monitor web server logs for suspicious requests containing path traversal sequences (../, ..\\) targeting file access endpoints, as this may indicate exploitation attempts.
Implement input validation and sanitization measures to prevent path traversal attacks, even after upgrading, as defense-in-depth.

Detect-It-Easy Path Traversal Vulnerability (CVE-2026-43616)

hello@craftedsignal.io — Tue, 02 Jan 2024 12:00:00 +0000

Detect-It-Easy (DIE) is a program used to detect file types, unpackers, compilers, and crypto information. Versions prior to 3.21 are susceptible to a path traversal vulnerability (CVE-2026-43616). This vulnerability enables a malicious actor to write arbitrary files to the underlying filesystem by crafting archive entries with relative traversal sequences (e.g., “../../”) or absolute paths. This can be exploited by attackers by overwriting sensitive system files or user startup scripts, thus leading to persistent code execution. The vulnerability stems from insufficient path normalization during archive extraction.

Attack Chain

The attacker crafts a malicious archive (e.g., ZIP, TAR) containing files with path traversal sequences in their filenames or absolute paths.
The user executes Detect-It-Easy and loads the malicious archive for scanning.
Detect-It-Easy attempts to extract the files from the archive.
Due to insufficient path normalization, the application does not properly sanitize the file paths.
The application writes files outside the intended extraction directory.
The attacker overwrites a user startup script (e.g., .bashrc, .profile) with malicious code.
The user logs in or starts a new shell session.
The malicious code in the startup script executes, granting the attacker persistent access or executing arbitrary commands.

Impact

Successful exploitation of this vulnerability allows an attacker to write arbitrary files to the filesystem with the privileges of the user running Detect-It-Easy. This could lead to complete system compromise through persistent code execution. The impact includes potential data theft, malware installation, or denial of service. While the number of victims is not specified, any user running a vulnerable version of Detect-It-Easy is at risk.

Recommendation

Upgrade Detect-It-Easy to version 3.21 or later to patch CVE-2026-43616.
Implement the Sigma rule “Detect-It-Easy Suspicious Archive Extraction” to identify potential exploitation attempts by detecting the execution of Detect-It-Easy with archive files containing path traversal sequences.
Monitor file creation events for suspicious file writes outside of expected directories, particularly in user startup script locations, to detect potential exploitation based on file_event logsource.

Apko DirFS Symlink Path Traversal Vulnerability

hello@craftedsignal.io — Tue, 02 Jan 2024 12:00:00 +0000

A path traversal vulnerability exists in apko’s DirFS component, specifically within the sanitizePath helper function in versions prior to 1.2.5. The vulnerability allows a malicious .apk file to install a TypeSymlink tar entry pointing outside the intended build root. Subsequent directory creation or file writing operations could then traverse this symbolic link, leading to unauthorized access and modification of files on the host system. This issue affects users of apko and downstream tools, such as melange, that embed vulnerable versions of the pkg/apk/fs package. The vulnerability was addressed in apko version 1.2.5 with the introduction of *os.Root, which prevents path traversal.

Attack Chain

An attacker crafts a malicious .apk file containing a TypeSymlink tar entry.
The symbolic link’s target is set to a path outside the intended build root, potentially targeting sensitive system directories.
The malicious .apk is processed using a vulnerable version of apko (prior to 1.2.5) via commands like apko build-cpio or through disk-backed consumers such as melange.
During tar extraction, the vulnerable sanitizePath function fails to properly resolve or refuse the malicious symlink.
A subsequent directory-creation or file-write operation is initiated within the same or a later archive entry.
The file operation traverses the previously created symbolic link, gaining access to the file system location outside the intended build root.
The attacker can then create directories or write files to the compromised location, potentially overwriting critical system files or injecting malicious code.
Successful exploitation can lead to privilege escalation and persistent compromise of the host system.

Impact

Successful exploitation of this vulnerability allows an attacker to write files to arbitrary locations on the host system. This can lead to privilege escalation if the attacker can overwrite setuid binaries or modify system configuration files. It can also lead to persistent compromise of the system if the attacker injects malicious code into startup scripts or other system files. While the exact number of victims is unknown, any system running a vulnerable version of apko (prior to 1.2.5) or tools embedding vulnerable versions of pkg/apk/fs, such as melange, is potentially at risk.

Recommendation

Upgrade apko to version 1.2.5 or later. This version includes a fix that prevents path traversal vulnerabilities as described in the advisory and commit f5a96e1.
If upgrading is not immediately feasible, avoid consuming APKs from untrusted sources. However, note that this does not fully eliminate the risk.
Monitor file creation events in sensitive directories for unexpected activity, especially after processing .apk files.