Skip to main content

Continue

1 CVEs product

Monthly

CVE-2026-8770 LOW POC Monitor

Path traversal in Continue 1.2.22 and earlier allows local authenticated attackers to read arbitrary files on the host system via crafted dirPath parameters to the lsTool function in the JSON-RPC server. The vulnerability has a publicly available exploit (GitHub Gist) but CVSS base score of 3.3 (Low) reflects limited impact due to local access requirement, low privilege requirement, and confidentiality-only impact with no integrity or availability consequences. EPSS data unavailable; not listed in CISA KEV, indicating no confirmed widespread exploitation.

Path Traversal Continue
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
EPSS 0% CVSS 1.9
LOW POC Monitor

Path traversal in Continue 1.2.22 and earlier allows local authenticated attackers to read arbitrary files on the host system via crafted dirPath parameters to the lsTool function in the JSON-RPC server. The vulnerability has a publicly available exploit (GitHub Gist) but CVSS base score of 3.3 (Low) reflects limited impact due to local access requirement, low privilege requirement, and confidentiality-only impact with no integrity or availability consequences. EPSS data unavailable; not listed in CISA KEV, indicating no confirmed widespread exploitation.

Path Traversal Continue
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy