CVE-2026-47118— Agent Zero < 1.15 Path Traversal File Read via image_get API
Possible ATT&CK Techniques 3AI
T1083 · File and Directory Discovery T1552.001 · Credentials In Files T1560 · Archive Collected DataAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| 3clyp50 | agent-zero | < 1.15 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-47118
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Agent Zero < 1.15 Path Traversal File Read via image_get API
Source: NVD (National Vulnerability Database)
Vulnerability Description
Agent Zero before version 1.15 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by supplying crafted paths to the image file serving endpoint, which relies solely on an extension allowlist while the path containment check is explicitly disabled. Attackers can request any file with an image extension readable by the process, including files outside the agent workspace, user home directories, and mounted volumes, and can also leverage symlink-based escapes due to the lack of path canonicalization in the path resolution logic.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Agent Zero 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Agent Zero是Jan Tomášek个人开发者的一个人工智能框架。 Agent Zero 1.15之前版本存在路径遍历漏洞,该漏洞源于路径遍历,可能导致未认证攻击者读取任意文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| 3clyp50 | agent-zero | 0 ~ 1.15 | - |
II. Public POCs for CVE-2026-47118
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-47118
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-47118 (1)
Vendor Advisories for CVE-2026-47118 (2)
IV. Related Vulnerabilities
Same product: agent-zero
- CVE-2026-47119
Agent Zero < 1.15 Stored XSS via image_get API Endpoint - CVE-2026-4308
frdel/agent0ai agent-zero document_query.py handle_pdf_docum - CVE-2026-4307
frdel/agent0ai agent-zero files.py get_abs_path path travers - CVE-2025-6166
frdel Agent-Zero image_get.py image_get path traversal - CVE-2025-3547
frdel Agent-Zero get_work_dir_files path traversal
Same weakness: CWE-22
- CVE-2026-41412
alf.io vulnerable to Arbitrary File Read and Exfil via simpl - CVE-2026-49144
BrowserStack Runner 0.9.5 Path Traversal via _default HTTP H - CVE-2026-32685
Path Traversal in gleam docs build via documentation.pages A - CVE-2026-43965
Path Traversal in build/packages/packages.toml Allows Arbitr - CVE-2026-49136
Banana Slides 0.4.0 Path Traversal via generate_image() in a
V. Comments for CVE-2026-47118
No comments yet