Activepieces CVE-2026-53535
MEDIUMSeverity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
PR:H reflects mandatory WRITE_PROJECT_RELEASE permission; S:U because writes remain within the process user's existing OS authorization boundary; C:N as no read primitive exists.
Primary rating from Vendor (github).
CVSS VectorVendor: github
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Activepieces is an open source AI workflow automation platform. Prior to 0.82.0, the git-sync feature clones a user-configured Git repository into a temporary directory on the server and then writes flow, table, and connection state into it before pushing back, and two separate weaknesses allowed those writes to escape the intended workspace and land on arbitrary paths on the host filesystem: Git's symbolic-link handling was not disabled on the clone, so an attacker who controlled the remote repository could include symlinks that redirected the writes, and several user-supplied identifiers used to build on-disk paths (the repository slug and the externalId of tables, flows, and connections) were not validated against directory-traversal sequences such as ../. On a self-hosted Enterprise Edition deployment, a user authorized to configure or push to a git-sync repository (holding the WRITE_PROJECT_RELEASE permission) could cause the server to overwrite files anywhere the Activepieces process user can write, which depending on host layout can be leveraged for tampering, denial of service, or remote code execution. This issue is fixed in version 0.82.0.
AnalysisAI
Path traversal in Activepieces Enterprise Edition git-sync prior to 0.82.0 allows an authenticated project administrator to overwrite arbitrary files on the host filesystem, with potential impact ranging from data tampering and denial of service to remote code execution. Two distinct weaknesses compound each other: Git's symbolic-link handling was not disabled during repository cloning, and user-supplied identifiers - repository slug and the externalId fields for flows, tables, and connections - were concatenated into filesystem paths without sanitization of directory-traversal sequences. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires: (1) a self-hosted Activepieces Enterprise Edition deployment with the git-sync feature enabled - this is an Enterprise-only capability not present in Community Edition or cloud-hosted instances; (2) an authenticated user account holding the WRITE_PROJECT_RELEASE permission; (3) either control over the remote Git repository configured for sync (to embed malicious symlinks) or the ability to set the repository slug or externalId values for flows, tables, or connections to strings containing `../` directory traversal sequences. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 5.9 appropriately reflects the high privilege barrier (PR:H - WRITE_PROJECT_RELEASE permission) and AT:P (specific attack requirements), which together significantly constrain who can exploit this. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker holding WRITE_PROJECT_RELEASE permission on a self-hosted Activepieces Enterprise instance either configures git-sync to point to an attacker-controlled remote repository embedding symlinks targeting host paths such as `/etc/cron.d/` or application startup scripts, or sets the repository slug or an externalId to a value containing `../` sequences. When the server performs a sync, it writes attacker-controlled JSON content to the resolved path outside the workspace - for example, dropping a cron script that executes a reverse shell as the Activepieces process user. … |
| Remediation | Upgrade to Activepieces version 0.82.0 or later, available at https://github.com/activepieces/activepieces/releases/tag/0.82.0; this is the only fully effective fix. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today