Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-48544
Deferred
More InfoOfficial Page
Source-disclosure@vulncheck.com
View Known Exploited Vulnerability (KEV) details
Published At-27 May, 2026 | 15:16
Updated At-28 May, 2026 | 17:16

Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource() method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using str.startswith() without a trailing path separator. Attackers can send crafted GET requests with path traversal segments targeting a prefix-matching sibling directory on disk, bypassing the directory containment check because Flask's path converter and Werkzeug's WSGI layer preserve the traversal segments while the resolved path still satisfies the flawed startswith comparison, enabling unauthorized file access outside the intended library directory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-22Secondarydisclosure@vulncheck.com
CWE ID: CWE-22
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Avaiga/taipy/commit/129fd407ffca49ee4ab853772c88d0c873e038dddisclosure@vulncheck.com
N/A
https://github.com/Avaiga/taipy/issues/2868disclosure@vulncheck.com
N/A
https://github.com/Avaiga/taipy/pull/2871disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/taipy-path-traversal-via-elementlibrary-get-resourcedisclosure@vulncheck.com
N/A
https://github.com/Avaiga/taipy/issues/2868134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/Avaiga/taipy/commit/129fd407ffca49ee4ab853772c88d0c873e038dd
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://github.com/Avaiga/taipy/issues/2868
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://github.com/Avaiga/taipy/pull/2871
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/taipy-path-traversal-via-elementlibrary-get-resource
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://github.com/Avaiga/taipy/issues/2868
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A
Change History
0Changes found
Details not found