Skip to main content

Continue CVE-2026-8770

| EUVDEUVD-2026-30715 LOW
Path Traversal (CWE-22)
2026-05-17 VulDB GHSA-2c7p-5h72-cjj3
1.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
1.9 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
CVSS changed
May 18, 2026 - 00:22 NVD
3.3 (LOW) 1.9 (LOW)
Analysis Generated
May 18, 2026 - 00:00 vuln.today

DescriptionCVE.org

A vulnerability was identified in continuedev continue up to 1.2.22. This affects the function lsTool of the file core/tools/implementations/lsTool.ts of the component JSON-RPC Server. Such manipulation of the argument dirPath leads to path traversal. An attack has to be approached locally. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Path traversal in Continue 1.2.22 and earlier allows local authenticated attackers to read arbitrary files on the host system via crafted dirPath parameters to the lsTool function in the JSON-RPC server. The vulnerability has a publicly available exploit (GitHub Gist) but CVSS base score of 3.3 (Low) reflects limited impact due to local access requirement, low privilege requirement, and confidentiality-only impact with no integrity or availability consequences. EPSS data unavailable; not listed in CISA KEV, indicating no confirmed widespread exploitation.

Technical ContextAI

Continue is an AI-powered code assistant that operates as a development tool. The vulnerability exists in core/tools/implementations/lsTool.ts within Continue's JSON-RPC server component. CWE-22 (Path Traversal) occurs when the lsTool function fails to properly validate or sanitize the dirPath argument, allowing an attacker to use directory traversal sequences (e.g., '../') to escape intended directory boundaries and list or access files outside the permitted scope. JSON-RPC servers typically expose methods for inter-process communication; in this case, the exposed lsTool method lacks input validation on filesystem paths. The CPE identifier cpe:2.3:a:continuedev:continue:*:*:*:*:*:*:*:* indicates all versions up to and including 1.2.22 are affected, suggesting a longstanding design flaw rather than a recent regression.

RemediationAI

No vendor-released patch identified at time of analysis despite early disclosure attempts. The vendor (continuedev) was notified but did not respond, leaving patch availability uncertain. Users should monitor the Continue GitHub repository (https://github.com/continuedev/continue) for security updates beyond version 1.2.22. As compensating controls: restrict local access to systems running Continue to trusted users only, as exploitation requires authenticated local access; run Continue processes with minimal filesystem permissions using principle of least privilege to limit traversal scope; implement mandatory access control (MAC) or containerization (Docker, Podman) to isolate Continue's file access to specific directories, though this may impact legitimate functionality if Continue requires broad filesystem access for code analysis; audit local user accounts on developer workstations running Continue and remove unnecessary privileges. Monitor filesystem access logs for unusual directory traversal patterns in Continue process activity. Reference exploit details at https://gist.github.com/YLChen-007/da04e032993a4b2324df915f9ecf9831 and VulDB entries https://vuldb.com/vuln/364395 for technical indicators to detect exploitation attempts.

Share

CVE-2026-8770 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy