PostgreSQL
CVE-2026-40258
CRITICAL
Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionGitHub Advisory
Summary
A path traversal vulnerability (Zip Slip) exists in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with directory-traversal filenames to write arbitrary files outside the intended temporary extraction directory on the server's local filesystem.
Details
When importing media archives as ZIP file, MediaImporter._check_disk_space_and_extract() in gramps_webapi/api/media_importer.py called zipfile.extractall() without validating ZIP entry names. Python's zipfile module does not sanitize entry names containing ../ sequences, allowing extraction to paths outside the target directory.
Only users with owner permission can upload media ZIP archives, so the biggest risk is for multi-tree deployments, where tree owners are distinct from server administrators.
For multi-tree deployments, the impact depends on deployment configuration. Assuming the standard docker-based deployment is used:
- SQLite family tree + local media: An attacker can overwrite another tree's database file or media files, leading to cross-tree data corruption or replacement.
- Postgres family tree + S3 media: No persistent tree data is stored on the local filesystem, so cross-tree impact is eliminated. The remaining risk is overwriting volume-mounted files such as the application config file.
- Postgres family tree + S3 media + environment-variable-only config: No persistent files of value are present on the local filesystem. Impact is limited to writes to ephemeral container storage, which are lost on woker restart.
Fix
ZIP entry names are now validated against the resolved real path of the temporary directory before extraction. Any entry whose resolved path falls outside the temporary directory raises an error and aborts the import.
AnalysisAI
Path traversal (Zip Slip) in gramps-web-api media archive import allows authenticated owner-privileged users to write arbitrary files outside intended directories via malicious ZIP archives. Exploitation requires owner-level access and enables cross-tree data corruption in multi-tree SQLite deployments or config file overwrite in volume-mounted configurations. Postgres+S3 deployments limit impact to ephemeral container storage. No public exploit identified at time of analysis.
Technical ContextAI
Unsafe use of Python zipfile.extractall() in MediaImporter._check_disk_space_and_extract() function fails to sanitize ZIP entry names containing ../ directory traversal sequences. CWE-22 path traversal permits extraction to arbitrary filesystem locations resolved relative to extraction directory. Fix validates ZIP entry resolved real paths against temporary directory boundaries before extraction.
RemediationAI
Vendor-released patch: upgrade to gramps-webapi version 3.11.1 or later, which implements path validation preventing directory traversal during ZIP extraction. Install via pip: pip install --upgrade gramps-webapi>=3.11.1. For environments unable to upgrade immediately, restrict owner-level permissions to trusted administrators only and audit existing media archive imports for unexpected filesystem modifications. Multi-tree deployments should migrate to Postgres+S3 storage backends to eliminate persistent local filesystem attack surface. Consult vendor advisory at https://github.com/gramps-project/gramps-web-api/security/advisories/GHSA-m5gr-86j6-99jp and review patch implementation at https://github.com/gramps-project/gramps-web-api/commit/3ed4342711e3ec849552df09b1fe2fbf2ca5c29a for technical details.
More in PostgreSQL
View allPostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re
Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin
Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-m5gr-86j6-99jp