Severity by source (primary rating from NVD)
CVSS 3.1 vector (NVD): CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Description (CVE.org)
A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the logs_dir parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to unauthorized data modification or disclosure.
Analysis (AI-generated)
Path traversal in InstructLab's chat session handler enables local authenticated attackers to write files to arbitrary filesystem locations by manipulating the logs_dir parameter. Red Hat Enterprise Linux AI 3 deployments are confirmed affected. …
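The weakness described above is the classic CWE-22 pattern: a caller-controlled directory value is joined to a base path and used for file creation without checking that the result still lies beneath the base. The following is an added illustration, not InstructLab's code; the base directory, the function names and the sample values are assumptions made for this example. It places the naive join beside a hardened resolver that canonicalizes the path and enforces containment, and a small classifier a defender can run over logged parameter values to see which ones would have escaped.

```python
import os
import re

# Hypothetical base directory for the demonstration (not InstructLab's real layout).
DEFAULT_LOGS_BASE = "/var/lib/chat-demo/logs"

# Conservative allow-list for a per-session file name component.
_SESSION_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def naive_logs_dir(requested: str, base: str = DEFAULT_LOGS_BASE) -> str:
    """The unsafe pattern.

    os.path.join discards `base` entirely when `requested` is absolute, and
    keeps '..' segments, so the caller fully controls where later
    os.makedirs / open calls land.
    """
    return os.path.normpath(os.path.join(base, requested))


def resolve_logs_dir(requested: str, base: str = DEFAULT_LOGS_BASE) -> str:
    """Return the canonical directory for `requested`, or raise ValueError.

    Rules applied:
      - value must be a non-empty string without NUL bytes
      - absolute values are rejected outright
      - realpath collapses '..' and resolves any symlinks that already exist
      - the canonical result must remain inside the canonical base
    """
    if not requested or "\x00" in requested:
        raise ValueError("logs_dir must be a non-empty string without NUL bytes")
    if os.path.isabs(requested):
        raise ValueError("absolute logs_dir is not allowed")
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, requested))
    # commonpath is a component-wise check, so 'logs-evil' next to 'logs' is not a false match.
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise ValueError(f"logs_dir escapes the logs base: {requested!r}")
    return candidate


def session_log_path(requested: str, session_id: str, base: str = DEFAULT_LOGS_BASE) -> str:
    """Full path for a session log: validated directory plus an allow-listed file name."""
    if not _SESSION_ID_RE.fullmatch(session_id):
        raise ValueError("session_id contains characters outside the allow-list")
    return os.path.join(resolve_logs_dir(requested, base), f"{session_id}.log")


def classify(requested: str, base: str = DEFAULT_LOGS_BASE) -> str:
    """Label a logged logs_dir value as 'accepted' or 'rejected' by the hardened resolver."""
    try:
        resolve_logs_dir(requested, base)
        return "accepted"
    except ValueError:
        return "rejected"


if __name__ == "__main__":
    # Constructed sample values; the two traversal strings are the ones named in the
    # published exploit scenario for this CVE.
    samples = ["sessions/2024", "nested/../sibling", "../../etc/cron.d", "/opt/sensitive_models"]
    for value in samples:
        print(f"{value!r:28} naive -> {naive_logs_dir(value):40} hardened -> {classify(value)}")
```

The containment check must be done on the canonical path (after `realpath`), not on the raw string: a lexical filter that only strips `..` misses absolute inputs and symlinked directories. Note the residual caveat that `realpath` only follows symlinks that exist at check time; if an attacker can create a symlink inside the base between the check and the write, the directory must additionally be opened with `O_NOFOLLOW`-style semantics or the base must not be writable by that user.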
Vulnerability Assessment (AI-generated)
| Area | Assessment |
|---|---|
| Exploitation | Requires authenticated local system access with low-level user privileges on systems running Red Hat Enterprise Linux AI 3 with InstructLab installed. … |
| Risk Assessment | Real-world risk is moderate despite the high CVSS score, limited primarily by the local attack vector (AV:L) and the requirement for low-privilege authentication (PR:L). … |
| Exploit Scenario | An attacker with low-privilege local access to a RHEL AI 3 system running InstructLab initiates a chat session and intercepts or modifies the logs_dir parameter through environment variables, configuration files, or API calls. By injecting path traversal sequences like ../../etc/cron.d/ or /opt/sensitive_models/, the attacker writes malicious files to critical system locations: planting cron jobs for persistence, overwriting model checkpoints to poison AI outputs, or exfiltrating training data by redirecting logs to attacker-controlled paths. … |
| Remediation | Apply vendor-released security updates for Red Hat Enterprise Linux AI 3 as published in Red Hat Security Advisories. … |
Recommended Action (AI-generated)
Within 24 hours: inventory all Red Hat Enterprise Linux AI 3 deployments running InstructLab and document current versions. …
Related vulnerabilities
- Remote code execution in InstructLab affects Red Hat Enterprise Linux AI 3 when users download or train models from Hugg
- Use-after-free in FFmpeg's RASC video decoder exposes Red Hat Enterprise Linux AI 3 and Red Hat OpenShift AI deployments
- Image input manipulation in vLLM's multimodal preprocessing pipeline allows remote, unauthenticated network attackers to
Weakness: CWE-22 – Path Traversal
References
- EUVD-2026-24736
- GHSA-pqmg-c2j8-fq92