CVE Catalog

CVE-2026-40503

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.41%

34th percentile - higher than 34% of all known CVEs

Summary

A path traversal vulnerability in OpenHarness prior to commit dd1d235 allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can bypass the project memory directory validation and access sensitive files accessible to the OpenHarness process.

Risk Assessment

The risk involves potential leakage of confidential data such as configurations, passwords, or user data stored on the server filesystem, which could lead to organizational security breaches.

Recommendation

Immediately update OpenHarness to a version containing commit dd1d235 or later, and restrict access to the /memory show command to trusted users only.

Original NVD description (English source)

OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can manipulate the path input parameter to escape the project memory directory and access sensitive files accessible to the OpenHarness process without filesystem containment validation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS