Platform: nodejs
Component: agxt
Fixed in: 1.9.3
CVE-2026-39981 describes a Path Traversal vulnerability discovered in AGiXT, a dynamic AI Agent Automation Platform. This flaw allows authenticated attackers to bypass workspace restrictions and access arbitrary files on the server. The vulnerability impacts versions 1.0.0 through 1.9.1 and has been resolved in version 1.9.2.
The core of this vulnerability lies within the safejoin() function of the essentialabilities extension. Due to insufficient validation of resolved file paths, an attacker can craft directory traversal sequences (e.g., ../..) to navigate outside the intended agent workspace. Successful exploitation grants the attacker the ability to read sensitive configuration files, modify application data, or even delete critical system files. The potential blast radius is significant, as an attacker could compromise the entire AGiXT instance and potentially gain access to underlying server resources. This vulnerability shares similarities with other path traversal exploits where inadequate input sanitization leads to unauthorized file access.
CVE-2026-39981 was publicly disclosed on 2026-04-09. No public proof-of-concept (POC) code has been released at the time of writing, but the vulnerability's nature makes it likely that exploits will emerge. The EPSS score is currently pending evaluation. This vulnerability is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.54% (68% percentile)
The primary mitigation is to immediately upgrade AGiXT to version 1.9.2, which contains the fix for this vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the agent workspace directory using file system permissions, ensuring that only the AGiXT process has write access. Implement strict input validation on any user-supplied file paths within the application. Monitor file system activity for suspicious patterns, such as unexpected file modifications or access attempts outside the designated workspace. Consider deploying a Web Application Firewall (WAF) with rules to detect and block directory traversal attempts.
Update AGiXT to version 1.9.2 or later to mitigate the directory traversal vulnerability. This update corrects the incorrect file path validation, preventing attackers from accessing arbitrary files on the server.
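The difference between normalising a joined path and validating where it resolves is shown below in Python. This is an added example, not AGiXT's code or its patch: the function names `naive_join` and `contained_join` are hypothetical, and the sample paths and directory layout are constructed for the demonstration.

```python
import os
import tempfile

def naive_join(workspace: str, user_path: str) -> str:
    """Weak pattern: tidies the joined path but never checks where it ends up."""
    return os.path.normpath(os.path.join(workspace, user_path))

def contained_join(workspace: str, user_path: str) -> str:
    """Resolve the path, symlinks included, and require it to stay in the workspace."""
    root = os.path.realpath(workspace)
    # os.path.join drops `root` when user_path is absolute; the check below catches that.
    candidate = os.path.realpath(os.path.join(root, user_path))
    # commonpath compares whole components, so /srv/ws-other is not "inside" /srv/ws,
    # which a plain string startswith() test would wrongly accept.
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"path escapes workspace: {user_path!r}")
    return candidate

# Constructed inputs: two legitimate paths followed by four escape attempts.
SAMPLES = ["notes/todo.txt", "notes/../a.txt", "../../etc/passwd",
           "/etc/passwd", "../ws-other/x", "link/x"]

def demo() -> dict:
    """Run contained_join over SAMPLES in a throwaway tree and record each verdict."""
    verdicts = {}
    with tempfile.TemporaryDirectory() as base:
        workspace = os.path.join(base, "ws")
        sibling = os.path.join(base, "ws-other")      # shares the "ws" name prefix
        os.makedirs(os.path.join(workspace, "notes"))
        os.makedirs(sibling)
        os.symlink(sibling, os.path.join(workspace, "link"))  # symlink leaving the workspace
        for path in SAMPLES:
            try:
                contained_join(workspace, path)
                verdicts[path] = "allowed"
            except PermissionError:
                verdicts[path] = "rejected"
    return verdicts

if __name__ == "__main__":
    print("naive:", naive_join("/srv/ws", "../../etc/passwd"))
    for path, verdict in demo().items():
        print(f"{verdict:8} {path}")
```

The same containment check also makes a useful regression test after upgrading: any file operation that accepts a relative path should reject all four escape cases.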
CVE-2026-39981 is a Path Traversal vulnerability in AGiXT versions 1.0.0 through 1.9.1, allowing authenticated attackers to access arbitrary files on the server.
You are affected if you are running AGiXT versions 1.0.0 through 1.9.1. Upgrade to 1.9.2 to resolve the issue.
Upgrade AGiXT to version 1.9.2. As a temporary workaround, restrict access to the agent workspace and monitor file system activity.
No active exploitation has been confirmed, but the vulnerability's nature suggests it is likely to be targeted.
Refer to the AGiXT security advisories on their official website or GitHub repository for the latest information.