CVE-2026-33344 | dagu-org dagu up to 2.3.0 API Endpoint generateFilepath path traversal

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability described as critical has been identified in dagu-org dagu up to 2.3.0. Affected is the function generateFilepath of the component API Endpoint. Such manipulation leads to path traversal.

This vulnerability is listed as CVE-2026-33344. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-33344 | dagu-org dagu up to 2.3.0 API Endpoint generateFilepath path traversal

Post correlati

CVE-2025-61143 | libtiff up to 4.7.1 libtiff/tif_open.c null pointer dereference

CVE-2024-30056 | Microsoft Edge 124.0.2478.109 unknown vulnerability

CVE-2024-24857 | Linux Kernel up to 6.8-rc1 Bluetooth conn_info_min_age_set/conn_info_max_age_set race condition

CVE-2024-29947 | Hikvision DS-7604NI-K1 up to 4.30.096build221220 Message null pointer dereference