Platform
python
Component
kedro
Fixed in
1.3.1
1.3.0
CVE-2026-35167 is a path traversal vulnerability discovered in Kedro, a data science toolbox. This flaw allows attackers to bypass intended directory restrictions by crafting malicious version strings within data pipeline configurations. The vulnerability impacts Kedro versions from 0.0.0 up to, but not including, version 1.3.0. A fix is available in version 1.3.0.
The vulnerability lies within the _get_versioned_path() method, which directly interpolates user-supplied version strings into filesystem paths without proper sanitization. This means attackers can inject traversal sequences like ../ to escape the intended versioned dataset directory. Successful exploitation could allow an attacker to read arbitrary files on the system, including sensitive configuration files, credentials, or other data stored outside the intended data pipeline directory. The impact is particularly severe if Kedro pipelines are used to process or store sensitive data, as an attacker could potentially gain access to confidential information. This vulnerability is analogous to other path traversal flaws where insufficient input validation leads to unauthorized file access.
This vulnerability was publicly disclosed on 2026-04-06. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog as of this writing. Given the relatively recent disclosure and lack of public exploits, the probability of exploitation is currently considered medium, but could increase with wider awareness and potential tooling development.
Exploit Status
EPSS
0.06% (19th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade Kedro to version 1.3.0 or later, which includes a fix for this vulnerability. If upgrading is not immediately feasible, consider implementing input validation on version strings used in Kedro pipeline configurations. Restrict access to the Kedro environment to authorized personnel only. Implement a Web Application Firewall (WAF) with rules to detect and block requests containing suspicious path traversal sequences (e.g., ../). After upgrading, verify the fix by attempting to access a file outside the intended versioned dataset directory using a crafted version string; the access should be denied.
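To make the flaw class and the recommended workaround concrete, here is an added example that is not Kedro's own code: a path builder that joins the version string unchecked, beside a hardened form that allow-lists the version syntax and confirms the resolved path stays inside the dataset directory. The dataset layout (<dataset path>/<version>/<filename>), the root path and the version format are assumptions for illustration, and escapes_dataset_dir() is the kind of check described above for verifying that a crafted version string is rejected.

```python
import posixpath
import re
from pathlib import PurePosixPath

# Constructed example root. Assumed layout: each version lives under
# <dataset path>/<version>/<filename>; this is not Kedro's own implementation.
DATASET_PATH = PurePosixPath("/data/01_raw/cars.csv")

# Allow-list for version strings such as "2024-01-01T00.00.00.000Z": the first
# character may not be "." (which rules out "." and ".."), and "/" is never allowed.
_VERSION_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


def versioned_path_unchecked(dataset_path: PurePosixPath, version: str) -> PurePosixPath:
    """The flaw class: the version string is joined into the path without validation."""
    return dataset_path / version / dataset_path.name


def normalised(path: PurePosixPath) -> PurePosixPath:
    """Collapse '.' and '..' components so containment is checked on the real target."""
    return PurePosixPath(posixpath.normpath(str(path)))


def _within(target: PurePosixPath, root: PurePosixPath) -> bool:
    """True if target equals root or lies somewhere beneath it."""
    return target == root or root in target.parents


def escapes_dataset_dir(dataset_path: PurePosixPath, version: str) -> bool:
    """Verification helper: would this version string leave the dataset directory?"""
    return not _within(normalised(versioned_path_unchecked(dataset_path, version)), dataset_path)


def versioned_path_checked(dataset_path: PurePosixPath, version: str) -> PurePosixPath:
    """Hardened form: reject anything outside the allow-list, then confirm containment."""
    if not _VERSION_RE.fullmatch(version):
        raise ValueError(f"invalid version string: {version!r}")
    candidate = dataset_path / version / dataset_path.name
    if not _within(normalised(candidate), dataset_path):
        # Defence in depth: unreachable while the allow-list holds, cheap to keep.
        raise ValueError(f"version {version!r} resolves outside {dataset_path}")
    return candidate


if __name__ == "__main__":
    for v in ["2024-01-01T00.00.00.000Z", "../../../etc/passwd", "v1/../../secrets"]:
        print(f"{v!r}: escapes={escapes_dataset_dir(DATASET_PATH, v)}")
```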
Update Kedro to version 1.3.0 or higher to mitigate the directory traversal vulnerability. This version corrects the lack of sanitization in file path construction when loading versioned datasets, thus preventing the possibility of accessing files outside the intended version directory.
CVE-2026-35167 is a path traversal vulnerability affecting Kedro data pipelines, allowing attackers to access files outside intended directories by manipulating version strings.
You are affected if you are using Kedro versions 0.0.0 through 1.2.9. Upgrade to version 1.3.0 or later to mitigate the vulnerability.
Upgrade Kedro to version 1.3.0 or later. As a temporary workaround, implement input validation on version strings and restrict access to the Kedro environment.
As of now, there are no known active exploits for CVE-2026-35167, but the probability of exploitation could increase with wider awareness.
Refer to the Kedro project's official security advisories and release notes for detailed information and updates regarding CVE-2026-35167.