What is the CVSS score of EUVD-2026-12635?

EUVD-2026-12635 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.1%.

Which versions of Ray are affected by EUVD-2026-12635?

CVE-2026-32981 is a path traversal vulnerability in Ray Dashboard (versions before 2.8.1) that allows unauthenticated attackers to read arbitrary files on affected systems, exposing sensitive…. A patch is available.

Is there a public PoC exploit available for EUVD-2026-12635?

Yes, a public proof-of-concept exploit is available for EUVD-2026-12635. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate EUVD-2026-12635?

Within 24 hours: Inventory all Ray deployments and identify systems running versions prior to 2.8.1; restrict network access to port 8265 (Ray Dashboard) to trusted administrators only. Within 7 days: Upgrade Ray to version 2.8.1 or later on all affected systems; verify patch application across all nodes. Within 30 days: Audit logs for unauthorized file access patterns; review and rotate any credentials or secrets that may have been exposed via this vulnerability.

Ray EUVD-2026-12635

| CVE-2026-32981 HIGH

Path Traversal (CWE-22)

2026-03-17 VulnCheck

GHSA-j3mh-qmjj-xp83

Path Traversal Ray Red Hat

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Red Hat

7.5 HIGH

qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 06:21 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

2.8.1

PoC Detected

Mar 18, 2026 - 14:52 vuln.today

Public exploit code

EUVD ID Assigned

Mar 17, 2026 - 20:30 euvd

EUVD-2026-12635

Analysis Generated

Mar 17, 2026 - 20:30 vuln.today

CVE Published

Mar 17, 2026 - 19:33 nvd

HIGH 7.5

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

1 pypi packages depend on ray (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.8.1.

DescriptionCVE.org

A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences (e.g., ../) to access files outside the intended static directory, resulting in local file disclosure.

AnalysisAI

Unauthenticated attackers can read arbitrary files on systems running Ray versions before 2.8.1 by exploiting a path traversal flaw in the Dashboard's static file handler on port 8265. The vulnerability stems from insufficient input validation that allows directory traversal sequences to bypass access controls, and public exploit code is available. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft HTTP request with path traversal sequences

Exploit

Send request to Ray Dashboard port 8265

Execution

Bypass path validation in static file handler

Impact

Read arbitrary files outside static directory

Access

Craft HTTP request with path traversal sequences

Exploit

Send request to Ray Dashboard port 8265

Execution

Bypass path validation in static file handler

Impact

Read arbitrary files outside static directory

Vulnerability AssessmentAI

Exploitation	Remote unauthenticated attacker accessing Ray Dashboard (default port 8265) on Ray versions prior to 2.8.1. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	This vulnerability presents a significant real-world risk based on multiple threat intelligence signals. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker identifies a Ray Dashboard instance exposed to the internet on port 8265 through scanning or search engines like Shodan. Using the publicly available exploit code, they craft HTTP requests containing path traversal sequences (e.g., GET /static/../../../../etc/passwd) to read sensitive files such as configuration files, SSH keys, or application secrets. …
Remediation	Upgrade Ray to version 2.8.1 or later immediately to address this vulnerability, as this version includes the necessary input validation fixes for the Dashboard's static file handler. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Ray deployments and identify systems running versions prior to 2.8.1; restrict network access to port 8265 (Ray Dashboard) to trusted administrators only. …

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

EUVD-2026-12635 vulnerability details – vuln.today

Back

Ray EUVD-2026-12635

Severity by source

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Vendor StatusVendor

Share

External POC / Exploit Code