CVE-2026-26396 in XAgent정보

요약

\~에 의해 MITRE • 2026. 07. 13.

OpenBMB XAgent v1.0.0 and before is vulnerable to path traversal in the file() function in XAgent/XAgentServer/application/routers/workspace.py. The input parameter “filename” is user-controllable and is concatenated into the file path to be read without proper validation, leading to a directory traversal vulnerability that may result in sensitive information disclosure.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

책임이 있는

MITRE

예약하다

2026. 02. 16.

모더레이션

수락

항목

VDB-378149

EPSS

0.00000

활동

낮음

출처

Want to know what is going to be exploited?

We predict KEV entries!