CVE-2026-58170 in Vibe-Trading
Summary
by MITRE • 06/30/2026
Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitization (agent/src/live/mandate/commit.py). A proposal identifier containing path traversal sequences causes the application to load an attacker-controlled JSON file as an authoritative live trading mandate. Combined with the file upload endpoint, an admitted caller can write a JSON file to a known location and traverse to it, and because the ceilings validation is skipped when ceilings are absent, the attacker fully controls the committed mandate.
Analysis
by VulDB Data Team • 06/30/2026
This vulnerability exists in the Vibe-Trading platform prior to version 0.1.10, where the application fails to sanitize user-supplied input when constructing file paths for proposal files. The flaw resides in the commit.py module under agent/src/live/mandate, where the system joins a caller-provided proposal identifier directly onto the broker proposals directory path without any validation or sanitization. This path traversal vulnerability allows malicious actors to manipulate file access by including directory traversal sequences such as ../ or ..\ in their proposal identifiers. When an attacker crafts a proposal identifier containing these sequences, the application loads what appears to be a legitimate JSON file but is actually an attacker-controlled file positioned at an arbitrary location within the filesystem.
The operational impact of this vulnerability is severe and directly enables unauthorized privilege escalation and arbitrary code execution within the trading platform's operational context. An attacker who has gained access to the system through legitimate means can exploit this flaw to load malicious JSON configuration files that define trading mandates with complete control over the system's behavior. The vulnerability becomes particularly dangerous when combined with the file upload endpoint functionality, as it allows an authenticated caller to first upload a malicious JSON file to a known location within the filesystem and then traverse to that specific file using the vulnerable path construction mechanism. This combination creates a complete attack vector for privilege escalation and data manipulation.
The technical flaw represents a classic path traversal vulnerability classified under CWE-22 Path Traversal and aligns with ATT&CK technique T1059 Command and Scripting Interpreter for executing malicious configurations through controlled mandate files. The system's failure to validate or sanitize the proposal identifier input creates an opportunity for attackers to bypass normal file access controls and load unauthorized configuration data. Additionally, the vulnerability exploits a weakness in the validation logic where ceilings validation is skipped when ceilings are absent, further amplifying the attack surface by allowing complete control over the mandate structure without proper safety checks. This design flaw essentially removes any protection mechanisms that would normally prevent unauthorized access to critical system configuration files.
Mitigation strategies should focus on implementing strict input validation and sanitization for all user-supplied identifiers used in file path construction. The system must employ normalized path resolution techniques that strip or reject directory traversal sequences before any file operations occur. Implementing a whitelist-based approach where only pre-approved proposal identifier patterns are accepted would significantly reduce the attack surface. Additionally, the application should enforce proper file access controls and implement separation of concerns between different operational components to prevent unauthorized file access patterns from being executed. The system should also validate that resolved file paths remain within designated directories and reject any attempts to traverse outside of allowed boundaries. Regular security auditing of file path construction logic and input validation mechanisms should be implemented as part of ongoing security maintenance protocols to prevent similar vulnerabilities from being introduced in future releases.
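The checks named in the mitigation paragraph, as an added Python example (not code from Vibe-Trading or from this advisory): an allowlist on the proposal identifier, a containment check on the resolved path, and a fail-closed ceilings check. The function names, the identifier pattern, the .json suffix, the shape of the ceilings field and the sample files are assumptions made for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# Assumptions (not from the advisory): id charset, .json suffix, ceilings as a non-empty object.
PROPOSAL_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")


def resolve_proposal_path(proposals_dir: Path, proposal_id: str) -> Path:
    """Map a caller-supplied id to a file that must stay inside proposals_dir."""
    if not PROPOSAL_ID_RE.fullmatch(proposal_id):
        raise ValueError("proposal id contains characters outside the allowlist")
    base = proposals_dir.resolve()
    candidate = (base / f"{proposal_id}.json").resolve()
    # Checking containment after resolution also catches symlinks pointing outside.
    if not candidate.is_relative_to(base):
        raise ValueError("resolved path escapes the proposals directory")
    return candidate


def load_mandate(proposals_dir: Path, proposal_id: str) -> dict:
    """Load a proposal and fail closed when ceilings are absent."""
    path = resolve_proposal_path(proposals_dir, proposal_id)
    if not path.is_file():
        raise ValueError("unknown proposal")
    mandate = json.loads(path.read_text(encoding="utf-8"))
    ceilings = mandate.get("ceilings") if isinstance(mandate, dict) else None
    if not isinstance(ceilings, dict) or not ceilings:
        raise ValueError("mandate has no ceilings; refusing to commit")
    return mandate


def demo() -> dict:
    """Run the checks over constructed sample files in a temp directory."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        proposals = Path(tmp, "proposals")
        proposals.mkdir()
        (proposals / "p-001.json").write_text('{"ceilings": {"max_notional": 1000}}')
        (proposals / "p-002.json").write_text('{"symbol": "X"}')
        Path(tmp, "evil.json").write_text('{"symbol": "X"}')
        for pid in ("p-001", "p-002", "../evil"):
            try:
                load_mandate(proposals, pid)
                results[pid] = "accepted"
            except ValueError as exc:
                results[pid] = str(exc)
    return results
```

Requires Python 3.9 or later for Path.is_relative_to.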