CVE-2026-5597 | griptape-ai griptape 0.19.4 ComputerTool tool.py filename path traversal

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability classified as critical was found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptapetoolscomputertool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal.

This vulnerability is registered as CVE-2026-5597. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5597 | griptape-ai griptape 0.19.4 ComputerTool tool.py filename path traversal

Post correlati

CVE-2024-29419 | Totolink X2000R prior 1.0.0-B20231213.1013 Easy Setup Page cross site scripting

CVE-2025-67730 | Frappe LMS up to 2.41.x Description cross site scripting

CVE-2024-25532 | RuvarOA 6.01/12.01 /include/get_dict.aspx bt_id sql injection

CVE-2025-27623 | Jenkins REST API/CLI information disclosure