CVE-2026-7214 | eghuzefa engineer-your-data up to 0.1.3 src/server.py read_file/write_file/list_files/file_inf WORKSPACE_PATH path traversal

A vulnerability classified as critical has been found in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation of the argument WORKSPACE_PATH leads to path traversal.

This vulnerability is listed as CVE-2026-7214. The attack may be initiated remotely. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7214 | eghuzefa engineer-your-data up to 0.1.3 src/server.py read_file/write_file/list_files/file_inf WORKSPACE_PATH path traversal

Post correlati

CVE-2025-20100 | Intel Xeon 6 access control (intel-sa-01278)

CVE-2025-27521 | Huawei HarmonyOS 5.0.0 Process Management Module access control

CVE-2025-1598 | SourceCodester Best Church Management Software 1.0 asset_crud.php photo1 unrestricted upload

CVE-2024-38366 | CocoaPods injection