CVE-2026-45242

🗓️ 18 May 2026 18:52:08Reported by VulnCheckType

cve🔗 web.nvd.nist.gov👁 8 Views🌐 WEB

Authenticated users can exploit slidesDir path traversal to write files to arbitrary directories.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-45242	18 May 202618:52	–	attackerkb
CNNVD	Summarize 安全漏洞	18 May 202600:00	–	cnnvd
Cvelist	CVE-2026-45242 Summarize < 0.15.1 Path Traversal via slidesDir Parameter	18 May 202618:52	–	cvelist
EUVD	EUVD-2026-30797	18 May 202618:52	–	euvd
Github Security Blog	Summarize contains a path traversal vulnerability	18 May 202621:31	–	github
NVD	CVE-2026-45242	18 May 202619:16	–	nvd
OSV	GHSA-8JR4-6R33-PHWM Summarize contains a path traversal vulnerability	18 May 202621:31	–	osv
Positive Technologies	PT-2026-41719	18 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-45242	5 Jun 202619:18	–	redhatcve
Snyk	Missing Authorization	18 May 202621:50	–	snyk

NVD

Vulners

Node

steipete summarizeRange<0.15.1

[
  {
    "defaultStatus": "affected",
    "vendor": "steipete",
    "product": "summarize",
    "repo": "https://github.com/steipete/summarize",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "semver",
        "lessThan": "0.15.1"
      },
      {
        "status": "unaffected",
        "version": "ec8efd63295656fbfe8743620179c489bc5a242f",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
vulncheck	www.vulncheck.com/advisories/summarize-path-traversal-via-slidesdir-parameter
github	www.github.com/steipete/summarize/commit/ec8efd63295656fbfe8743620179c489bc5a242f
github	www.github.com/steipete/summarize/releases/tag/v0.15.2
github	www.github.com/steipete/summarize/pull/220

Parameter	Position	Path	Description	CWE
slidesDir	request body	/v1/summarize	Path traversal vulnerability allowing authenticated callers to write slide_*.png and slides.json to arbitrary writable directories by supplying absolute path or directory traversal in slidesDir; enables subsequent deletion of those files.	CWE-862

19 May 2026 01:34Current

5.9Medium risk

Vulners AI Score5.9

CVSS 47.1

CVSS 3.17.1

EPSS0.00074

SSVC

CWE-862