CVSS Vector (NVD)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (NVD)
Agent Zero before version 1.15 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by supplying crafted paths to the image file serving endpoint, which relies solely on an extension allowlist while the path containment check is explicitly disabled. Attackers can request any file with an image extension readable by the process, including files outside the agent workspace, user home directories, and mounted volumes, and can also leverage symlink-based escapes due to the lack of path canonicalization in the path resolution logic.
Analysis (AI)
Arbitrary file read in Agent Zero before version 1.15 lets remote unauthenticated attackers retrieve files outside the agent workspace through the image-serving API (api/image_get.py), which validates only the file extension while the directory-containment check is commented out. Any file readable by the process and bearing an allowed image extension can be disclosed, and symlinks can be abused to reach non-image targets because the path is never canonicalized. …
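The two paragraphs above describe the same flaw class: an extension allowlist is applied, but the directory-containment check is disabled and the requested path is never canonicalized, so `..` segments, absolute paths and symlinks all escape the workspace. The following added example (written for this page, not Agent Zero's own code) puts a resolver of that shape next to a hardened one that canonicalizes with `os.path.realpath` and then enforces containment with `os.path.commonpath`. The allowlist contents, the function names and the constructed temp workspace are assumptions; the symlink case assumes a POSIX filesystem.

```python
import os
import tempfile
from typing import Dict, Optional, Tuple

# Assumed allowlist of image extensions (not taken from the project).
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif", ".webp"}


def extension_allowed(path: str) -> bool:
    return os.path.splitext(path)[1].lower() in ALLOWED_EXTENSIONS


def resolve_unsafe(base_dir: str, requested: str) -> Optional[str]:
    """Extension-only validation with no containment check and no
    canonicalization: the flaw class the advisory describes."""
    if not extension_allowed(requested):
        return None
    candidate = os.path.join(base_dir, requested)  # '..' and absolute paths pass through
    return candidate if os.path.isfile(candidate) else None


def resolve_safe(base_dir: str, requested: str) -> Optional[str]:
    """Hardened resolver: canonicalize both sides (resolves '..', absolute
    paths and symlinks), then require the target to live under the base."""
    if not extension_allowed(requested):
        return None
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, requested))
    # Containment check on canonical paths; commonpath avoids the
    # classic prefix bug where '/srv/ws2' would match '/srv/ws'.
    if os.path.commonpath([base_real, candidate]) != base_real:
        return None
    return candidate if os.path.isfile(candidate) else None


def demo() -> Dict[str, Tuple[bool, bool]]:
    """Build a constructed workspace and report, per request, whether the
    unsafe and the safe resolver would serve the file."""
    with tempfile.TemporaryDirectory() as root:
        workspace = os.path.join(root, "workspace")
        outside = os.path.join(root, "outside")
        os.makedirs(workspace)
        os.makedirs(outside)
        ok_file = os.path.join(workspace, "ok.png")
        secret = os.path.join(outside, "secret.png")  # constructed "sensitive" file
        for p in (ok_file, secret):
            with open(p, "w") as f:
                f.write("constructed sample content")

        requests = ["ok.png", "../outside/secret.png", "../../etc/passwd"]
        try:
            # Symlink inside the workspace pointing outside it.
            os.symlink(secret, os.path.join(workspace, "link.png"))
            requests.append("link.png")
        except OSError:
            pass  # platforms without symlink support skip this case

        results = {}
        for name in requests:
            results[name] = (
                resolve_unsafe(workspace, name) is not None,
                resolve_safe(workspace, name) is not None,
            )
        return results


if __name__ == "__main__":
    for name, (unsafe_served, safe_served) in demo().items():
        print(f"{name:24s} unsafe={unsafe_served} safe={safe_served}")
```

The `../../etc/passwd` case shows why the allowlist alone looks adequate in casual testing: the extension check does reject it. The traversal and symlink cases show that any file with an allowed extension, wherever it lives, is served unless the canonical path is checked against the canonical base directory.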
Remediation (AI)
Within 24 hours: Identify and catalog all systems running Agent Zero prior to version 1.15, and assess what sensitive files may be exposed. Within 7 days: Upgrade all Agent Zero deployments to version 1.15 or later across production and non-production environments. …
EUVD-2026-32522
GHSA-8j45-8v5h-63vj