
Banana Slides


CVE-2026-49136 HIGH POC PATCH This Week

Path traversal in Banana Slides through 0.4.0 allows unauthenticated remote attackers to read arbitrary image-format files outside the uploads directory via the generate_image() function in the AI service backend. The flaw stems from an incomplete prefix check using os.path.startswith() without a trailing separator, letting sibling directories whose names share the uploads folder prefix bypass containment. Publicly available exploit code exists (GitHub issue #429), and a vendor patch has been released in commit e8bc490.
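The following is a constructed illustration of the check pattern described above, not Banana Slides' own code (the base directory, file names and function names are assumed): the bare prefix test beside two hardened containment checks, so the sibling-directory bypass and its fix can be seen side by side.

```python
import os

# Assumed illustrative base directory; any absolute path works the same way.
UPLOADS_DIR = "/data/banana-slides/uploads"


def weak_is_contained(requested: str, base: str = UPLOADS_DIR) -> bool:
    """Flawed pattern: prefix test with no trailing separator.

    "/data/banana-slides/uploads_backup/x.png".startswith(base) is True,
    so any sibling directory that shares the prefix passes the check.
    """
    candidate = os.path.normpath(os.path.join(base, requested))
    return candidate.startswith(base)


def prefix_fix_is_contained(requested: str, base: str = UPLOADS_DIR) -> bool:
    """Minimal fix: require the separator after the base, or exact equality."""
    candidate = os.path.normpath(os.path.join(base, requested))
    return candidate == base or candidate.startswith(base + os.sep)


def safe_is_contained(requested: str, base: str = UPLOADS_DIR) -> bool:
    """Preferred form: resolve symlinks on both sides, then use commonpath,
    which compares whole path components rather than characters."""
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, requested))
    try:
        return os.path.commonpath([base_real, candidate]) == base_real
    except ValueError:  # e.g. different drives on Windows
        return False


def resolve_upload(requested: str, base: str = UPLOADS_DIR) -> str:
    """Return the resolved on-disk path, refusing anything outside base."""
    if not safe_is_contained(requested, base):
        raise ValueError("requested path escapes the uploads directory")
    return os.path.realpath(os.path.join(os.path.realpath(base), requested))


if __name__ == "__main__":
    for name in ("slides/deck1.png", "../uploads_backup/secret.png", "../../etc/hostname"):
        print(f"{name!r:36} weak={weak_is_contained(name)!s:5} "
              f"prefix_fix={prefix_fix_is_contained(name)!s:5} "
              f"safe={safe_is_contained(name)}")
```

Only the sibling-directory case separates the weak check from the fixed ones; plain `../` traversal out of the parent tree is caught by all three, which is why the bug is easy to miss in testing.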

Category: Path Traversal | Product: Banana Slides
References: NVD, GitHub
CVSS 4.0: 8.7 (HIGH)
EPSS: 0.1%
Status: public PoC available, vendor patch available

