CVE-2026-26396
OpenBMB · XAgent
A path traversal vulnerability in the file() function of OpenBMB XAgent allows unauthenticated attackers to read sensitive files via the "filename" parameter.
Executive summary
A path traversal vulnerability in OpenBMB XAgent v1.0.0 and earlier allows unauthenticated remote attackers to access sensitive system files.
Vulnerability
The application is vulnerable to directory traversal within XAgentServer/application/routers/workspace.py. The filename parameter is inadequately validated, allowing unauthenticated attackers to supply crafted input and traverse the directory structure to read arbitrary files.
Business impact
With a CVSS score of 7.5, this vulnerability represents a high risk of sensitive information disclosure. Attackers can leverage this to exfiltrate configuration files, credentials, or source code, which could be used as a precursor to further system compromise or data theft.
Remediation
Immediate Action: Review the OpenBMB XAgent repository for security updates and apply patches that implement strict input sanitization on the filename parameter.
Proactive Monitoring: Monitor application access logs for suspicious patterns containing directory traversal sequences (e.g., ../, ..%2f) directed at the workspace.py endpoint.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to block requests containing directory traversal characters or patterns in URI parameters.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Organizations running OpenBMB XAgent must treat this vulnerability with high urgency. Given the availability of a proof-of-concept, it is critical to sanitize inputs or restrict access to the affected service until an official patch is verified and applied.