CVE-2026-7784 | RTGS2017 NagaAgent up to 5.1.0 Skills Endpoint extensions.py Name path traversal (Issue 311)

A vulnerability was found in RTGS2017 NagaAgent up to 5.1.0 and classified as critical. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal.

This vulnerability is referenced as CVE-2026-7784. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7784 | RTGS2017 NagaAgent up to 5.1.0 Skills Endpoint extensions.py Name path traversal (Issue 311)

Post correlati

CVE-2025-20059 | Ping Identity PingAM Java Policy Agent up to 5.10.3/2023.11.1/2024.9 path traversal

CVE-2024-28096 | Schoolbox up to 23.1.2 Class cross site scripting

CVE-2025-54249 | Adobe Experience Manager up to 6.5.23.0 server-side request forgery (apsb25-90)

CVE-2026-23105 | Linux Kernel up to 6.6.121/6.12.67/6.18.7/6.19-rc6 sched privilege escalation