Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
3DescriptionGitHub Advisory
Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3.
AnalysisAI
Authorization bypass in Headplane (the web UI for Headscale) prior to 0.6.3 and 0.7.0-beta.3 allows authenticated low-privilege users to escape the intended Headscale API endpoint via path traversal sequences embedded in node and user rename values. By smuggling traversal payloads through un-encoded URL path segments, an attacker can reach arbitrary Headscale API operations, breaking the RBAC model and impacting integrity and availability of the tailnet. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Technical ContextAI
Headplane is a feature-complete web UI for Headscale, an open-source, self-hosted implementation of the Tailscale control server. The flaw is a classic CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) inside the Headscale API client used for rename operations: user-controlled node names and user names were interpolated directly into the request URL path without URL-encoding. Because Headscale's REST API distinguishes operations by path (e.g., /api/v1/node/{id}/rename/{new_name}), unencoded '/', '..', or other reserved characters let the rename segment slip out of its slot and re-target a different endpoint, effectively turning a rename call into an arbitrary API call. The CPE cpe:2.3:a:tale:headplane:*:* confirms the affected component is the Headplane application itself, not Headscale.
RemediationAI
Vendor-released patch: upgrade to Headplane 0.6.3 on the stable channel or 0.7.0-beta.3 on the pre-release channel, per the project advisory GHSA-vgj6-hcf2-fqf6 and release notes at https://github.com/tale/headplane/releases/tag/v0.6.3 and https://github.com/tale/headplane/releases/tag/v0.7.0-beta.3; Docker deployments should redeploy from ghcr.io/tale/headplane:0.6.3 or :latest. The upstream fix URL-encodes user-controlled node and user rename path segments before they are sent to Headscale, so no configuration change is needed once upgraded. If upgrading immediately is not possible, compensating controls include disabling node and user rename functionality for non-admin users by restricting Headplane UI access (for example, gating /users and /machines rename routes at a reverse proxy or OIDC policy), and tightening Headscale-side RBAC so the Headplane service account cannot perform sensitive API calls beyond rename - the trade-off is loss of legitimate self-service rename capability and additional operational overhead. Audit existing Headscale node and user names for suspicious characters such as '/', '..', or URL-encoded equivalents that may indicate prior exploitation attempts.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35193