File Write and Path Traversal Flaws Expose AGiXT and Bugsink to Server Compromise
Two application vulnerabilities have exposed AGiXT and Bugsink servers to filesystem-level attacks that can lead to full host compromise. In AGiXT, advisory GHSA-5gfj-64gh-mgmw describes an authenticated path traversal flaw in the Essential Abilities Extension, rated CVSS 8.8, that lets an attacker escape intended directories and access files with the permissions of the AGiXT process. The issue allows arbitrary read, write, and delete operations against sensitive targets including environment files, configuration data, database credentials, cryptographic keys, /etc/shadow, and .ssh/id_rsa, creating high risk to confidentiality, integrity, and availability.
A separate flaw tracked as CVE-2026-40162 affects Bugsink and enables authenticated arbitrary file write or overwrite within the application's runtime permissions, with a CVSS 7.1 rating. The weakness can be used to overwrite Python source files or module initialization scripts so attacker-controlled code executes on restart or when a new worker is spawned, effectively turning file access into remote code execution. Both disclosures warn that deployments running with elevated privileges or broad filesystem access face the greatest danger: in such environments file access can be turned into persistence through locations such as cron directories, .ssh/authorized_keys, or application package paths, and into exposure of secrets, telemetry, and backend credentials.
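Both stories come down to the same defensive gap: a user-supplied path is joined onto a base directory without checking where the result actually lands, and a write primitive is allowed to overwrite files the interpreter will later execute. The following is an added example, not code from AGiXT, Bugsink, or either advisory, showing a containment check for the traversal case and a write helper that also refuses overwrites and code files for the arbitrary-write case. The function names, the workspace layout, and the suffix deny-list are assumptions for illustration.

```python
"""Added example, not code from AGiXT, Bugsink, or their advisories.

resolve_inside() confines a user-supplied relative path to a workspace root
(the path-traversal case); safe_write() additionally refuses to overwrite
existing files or to create interpreter-executed module files (the
arbitrary-write-to-RCE case). Names and the suffix list are assumptions.
"""
from __future__ import annotations

import os
from pathlib import Path

# Suffixes whose overwrite would let attacker-controlled code run on restart
# or when a worker is spawned. Assumed list; extend for the runtime in use.
CODE_SUFFIXES = frozenset({".py", ".pyc", ".pth", ".sh"})


class PathEscapeError(ValueError):
    """The requested path would resolve outside the allowed root."""


class DisallowedWriteError(ValueError):
    """The target is inside the root but blocked by write policy."""


def naive_join(root: str, user_path: str) -> str:
    """The pattern behind traversal bugs: os.path.join discards 'root' when
    user_path is absolute and never rejects '..' components."""
    return os.path.join(root, user_path)


def resolve_inside(root: Path, user_path: str) -> Path:
    """Return root/user_path as an absolute path, or raise PathEscapeError.

    Absolute and empty inputs are rejected outright. '..' components and
    symlinks are neutralised by resolving the joined path and checking that
    the *resolved* result is still underneath the resolved root.
    """
    if not user_path or Path(user_path).is_absolute() or user_path.startswith(("/", "\\")):
        raise PathEscapeError(f"absolute or empty path not allowed: {user_path!r}")
    root_resolved = root.resolve()
    candidate = (root_resolved / user_path).resolve()
    try:
        candidate.relative_to(root_resolved)
    except ValueError as exc:
        raise PathEscapeError(f"path escapes workspace: {user_path!r}") from exc
    return candidate


def safe_write(root: Path, user_path: str, data: bytes) -> Path:
    """Create a new file under root; never overwrite, never create code files."""
    target = resolve_inside(root, user_path)
    if target.suffix.lower() in CODE_SUFFIXES:
        raise DisallowedWriteError(f"refusing to write code file: {user_path!r}")
    target.parent.mkdir(parents=True, exist_ok=True)
    # O_CREAT|O_EXCL makes creation atomic: an existing file, or a symlink
    # planted at the target between check and use, raises FileExistsError
    # instead of silently overwriting whatever the link points to.
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o640)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


if __name__ == "__main__":
    import tempfile

    with tempfile.TemporaryDirectory() as tmp:
        ws = Path(tmp)
        print("written:", safe_write(ws, "notes/report.txt", b"ok"))
        for bad in ("../../etc/shadow", "/etc/shadow", "pkg/__init__.py"):
            try:
                safe_write(ws, bad, b"x")
            except ValueError as exc:
                print("blocked:", exc)
```

The containment check compares resolved paths rather than string prefixes, so a symlink inside the workspace that points elsewhere is caught along with plain `..` sequences; the write side then treats "file already exists" as an error rather than a no-op, which is what prevents the overwrite-a-module step the Bugsink advisory describes.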
Timeline
Apr 10, 2026
Bugsink arbitrary file write vulnerability disclosed
A high-severity vulnerability in Bugsink was publicly disclosed that allows authenticated arbitrary file write or overwrite within the application's permissions, creating a path to remote code execution and possible broader system compromise in misconfigured deployments.
Apr 8, 2026
AGiXT path traversal vulnerability disclosed
A severe authenticated path traversal vulnerability in the AGiXT Essential Abilities Extension was publicly described, showing that attackers could read, write, and delete arbitrary files accessible to the AGiXT process and potentially achieve persistent remote code execution.