Plattform
python
Komponente
deerflow
Behoben in
2176b2bbfccfce25ceee08318813f96d843a13fd
CVE-2026-40518 describes a Path Traversal vulnerability discovered in ByteDance's DeerFlow, a Python-based component. This vulnerability allows attackers to potentially write arbitrary files on the system, impacting data integrity and potentially leading to system compromise. It affects DeerFlow versions prior to commit 2176b2bbfccfce25ceee08318813f96d843a13fd. A fix has been released in version 2176b2bbfccfce25ceee08318813f96d843a13fd.
The vulnerability stems from insufficient validation of the agent name during custom-agent creation in bootstrap mode. Attackers can craft malicious agent names containing traversal sequences (e.g., ../..) or absolute paths. This bypasses the intended directory restriction, allowing them to write files outside the designated custom-agent directory. The potential impact is significant, as an attacker could overwrite critical system files or inject malicious code, leading to complete system compromise, depending on the filesystem permissions of the DeerFlow process. Successful exploitation could enable remote code execution and persistent access to the affected system.
This vulnerability was publicly disclosed on 2026-04-17. There is currently no indication of active exploitation or a KEV listing. Public proof-of-concept code is not yet available, but the vulnerability's nature suggests it could be relatively easy to exploit once a PoC is developed. Monitor security advisories and threat intelligence feeds for updates.
Organizations utilizing DeerFlow in their data processing pipelines, particularly those with bootstrap-mode custom-agent creation enabled, are at risk. Environments with less restrictive filesystem permissions for the DeerFlow process are especially vulnerable, as an attacker could leverage this vulnerability to gain broader system access. Users relying on DeerFlow for sensitive data processing should prioritize patching.
• python: Monitor DeerFlow process for unexpected file creation or modification outside of the intended custom-agent directory. Use os.walk() to recursively scan directories and identify suspicious files.
• generic web: Examine DeerFlow logs for requests containing path traversal sequences in the agent name parameter. Use grep to search for patterns like ../ or absolute paths.
• linux / server: Use lsof to identify processes accessing files outside the expected DeerFlow directory. lsof | grep deerflow
disclosure
Exploit-Status
EPSS
0.03% (9% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation is to upgrade DeerFlow to version 2176b2bbfccfce25ceee08318813f96d843a13fd, which includes the necessary agent name validation fix. If immediate upgrading is not possible, consider implementing strict filesystem permissions on the custom-agent directory to limit the impact of potential file writes. Additionally, monitor DeerFlow logs for suspicious file creation attempts, particularly those involving traversal sequences or unexpected paths. WAF rules could be configured to block requests containing potentially malicious agent names, but this is not a substitute for patching.
Actualice DeerFlow a la versión que incluya el commit 2176b2bbfccfce25ceee08318813f96d843a13fd o posterior. Esta corrección aborda la validación de nombres de agentes en el modo de arranque, previniendo la posibilidad de escritura arbitraria de archivos.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-40518 is a Path Traversal vulnerability in ByteDance's DeerFlow component, allowing attackers to write files outside the intended directory.
You are affected if you are using DeerFlow versions 0.0.0–2176b2bbfccfce25ceee08318813f96d843a13fd and have bootstrap-mode custom-agent creation enabled.
Upgrade DeerFlow to version 2176b2bbfccfce25ceee08318813f96d843a13fd. Implement stricter input validation as a temporary workaround.
There is currently no indication of active exploitation campaigns targeting CVE-2026-40518.
Refer to ByteDance's security advisories or DeerFlow's official documentation for updates and information regarding CVE-2026-40518.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine requirements.txt-Datei hoch und wir sagen dir sofort, ob du betroffen bist.