Security Bulletin:Werkzeug Safe Join Function Vulnerability: Path Segments with Windows Device Names Prior to Version 3.1.4

Summary Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory...

Security Bulletin:Safe Join Function Vulnerability Fixed in Werkzeug v3.1.6

Summary Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fac...

CVE-2026-39981

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

CVE-2026-39981 AGiXT has a Path Traversal in safe_join()

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

CVE-2026-39981

CVE-2026-39981 affects AGiXT (dynamic AI Agent Automation Platform). The vulnerability is in the safe_join() function of the essential_abilities extension, where path validation fails and allows directory traversal to read, write, or delete arbitrary files on the server. This requires authenticat...

Directory Traversal

Overview agixt is an An Artificial Intelligence Automation Platform. AI Instruction management from various providers, has an adaptive memory, and a versatile plugin system with many commands including web browsing. Supports many AI providers and models and growing support every day. Affected...

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library werkzeug-3.1.4 which is vulnerable to CVE-2026-21860

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library werkzeug-3.1.4-py3-none-any.whl which is vulnerable to CVE-2026-21860. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-21860 DESCRIPTION: Werkzeug is a...

Path Traversal

Werkzeug is vulnerable to Path Traversal. The vulnerability is due to the safejoin function allowing Windows special device names as filenames if preceded by other path segments, where the function sendfromdirectory uses safejoin to safely serve files at user-specified paths under a directory and...

Directory Traversal

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Directory Traversal via the safejoin function, which uses the os.path.isabs function. An attacker can access arbitrary files on the file system. Note...

SUSE CVE-2026-27199

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

CVE-2026-27199

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

CVE-2026-27199

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

CVE-2026-27199 Werkzeug safe_join() allows Windows special device names

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

CVE-2026-27199 Werkzeug safe_join() allows Windows special device names

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

CVE-2026-27199

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

GHSA-29VQ-49WR-VM6X Werkzeug safe_join() allows Windows special device names

Werkzeug's safejoin function allows Windows device names as filenames if when preceded by other path segments. This was previously reported as https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safejoin accepts...

PT-2026-21351

Name of the Vulnerable Software and Affected Versions Werkzeug versions 3.1.5 and below Description The safe join function in Werkzeug, a WSGI web application library, improperly handles Windows device names when used as filenames, particularly when preceded by other path segments. Specifically,...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Werkzeug

Summary Multiple vulnerabilities in Werkzeug that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2026-21860 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments wi...

SUSE CVE-2026-21860

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present...

UBUNTU-CVE-2026-21860

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present...