Skip to main content

Taipy EUVDEUVD-2026-32531

| CVE-2026-48544 HIGH
Path Traversal (CWE-22)
2026-05-27 disclosure@vulncheck.com GHSA-28gh-q3gw-pvx8
8.7
CVSS 4.0 · Vendor: vulncheck
Share

Severity by source

Vendor (vulncheck) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (vulncheck) · only source for this CVE.

CVSS VectorVendor: vulncheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Source Code Evidence Fetched
May 27, 2026 - 20:10 vuln.today
Analysis Generated
May 27, 2026 - 20:10 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 2 pypi packages depend on taipy (2 direct, 0 indirect)

Ecosystem-wide dependent count for version 4.1.1.

DescriptionCVE.org

Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource() method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using str.startswith() without a trailing path separator. Attackers can send crafted GET requests with path traversal segments targeting a prefix-matching sibling directory on disk, bypassing the directory containment check because Flask's path converter and Werkzeug's WSGI layer preserve the traversal segments while the resolved path still satisfies the flawed startswith comparison, enabling unauthorized file access outside the intended library directory.

AnalysisAI

Unauthorized file disclosure in Taipy 4.1.1 lets remote unauthenticated attackers read files outside an extension library's intended directory through the GUI ElementLibrary.get_resource() resource handler. The containment check used str.startswith() without a trailing separator, so a crafted request with traversal segments can resolve into a prefix-matching sibling directory on disk while still passing the flawed check. Impact is confined to confidentiality (file read), with no public exploit identified at time of analysis and no CISA KEV listing.

Technical ContextAI

Taipy is a Python framework for building data and AI web applications; its GUI layer supports custom extension libraries that ship static assets served at runtime by ElementLibrary.get_resource() in taipy/gui/extension/library.py. That method computed a target file path from the requested name and validated it stayed within the library's base directory using str(file).startswith(str(base)). Because the comparison lacks a trailing path separator, it is a pure string-prefix test, so a sibling directory such as /app/lib_secret satisfies startswith('/app/lib'). This is a classic CWE-22 improper limitation of a pathname (path traversal): Flask's path converter and Werkzeug's WSGI layer preserve the encoded traversal segments end-to-end, while the resolved path still passes the prefix string match. The fix (commit 129fd40, PR #2871) replaces the string comparison with pathlib's file.is_relative_to(base), which performs a proper component-aware containment check.

RemediationAI

Upstream fix available (PR/commit); released patched version not independently confirmed - apply commit 129fd407ffca49ee4ab853772c88d0c873e038dd (Avaiga/taipy PR #2871), which replaces the unsafe str.startswith() containment check with pathlib's file.is_relative_to(base). Until a packaged release containing this commit is confirmed, upgrade from source to a build that includes it, or backport the one-line change to the get_resource() check in taipy/gui/extension/library.py. As compensating controls where patching is not yet possible: avoid registering custom extension libraries in directories that share a name prefix with adjacent sensitive directories (renaming removes the prefix-match condition the attack depends on), and place the Taipy app behind a reverse proxy or WAF rule that normalizes and rejects URL paths containing encoded or literal ../ traversal segments before they reach the resource endpoint - noting that overly aggressive path normalization can break legitimately encoded resource names. Refer to the vendor advisory at https://www.vulncheck.com/advisories/taipy-path-traversal-via-elementlibrary-get-resource and issue #2868 for details.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Share

EUVD-2026-32531 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy