CVE-2026-10044: CWE-36 Absolute Path Traversal in Usagi-org ai-goofish-monitor
Usagi-org ai-goofish-monitor has an unauthenticated absolute path traversal vulnerability in its GET /api/prompts/{filename} endpoint on Windows systems. This flaw allows remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal sequences. The vulnerability arises because the path traversal protection only blocks forward slashes and '.. ', but attackers can bypass this by using absolute paths, causing the application to expose files accessible to its process. The vulnerability has a high severity with a CVSS score of 7. 5 and does not require authentication to exploit.
AI Analysis
Technical Summary
The ai-goofish-monitor product from Usagi-org contains an unauthenticated arbitrary file read vulnerability (CWE-36) in the GET /api/prompts/{filename} endpoint on Windows deployments. The vulnerability is due to incomplete path traversal protection that blocks only forward slashes and '..' sequences but fails to handle absolute Windows paths or backslash-based traversal sequences. Attackers can supply absolute Windows system file paths, causing os.path.join to discard the intended prompts directory prefix and expose arbitrary files readable by the application process. This allows remote attackers to read sensitive files without authentication.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to read arbitrary files on the affected Windows system with the privileges of the application process. This can lead to disclosure of sensitive information. There is no indication of impact on integrity or availability. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — no official fix or remediation guidance is currently available from the vendor. Users should monitor the vendor advisory for updates. Until a fix is released, restricting network access to the vulnerable endpoint or deploying application-layer protections to validate and sanitize input paths may reduce exposure.
CVE-2026-10044: CWE-36 Absolute Path Traversal in Usagi-org ai-goofish-monitor
Description
Usagi-org ai-goofish-monitor has an unauthenticated absolute path traversal vulnerability in its GET /api/prompts/{filename} endpoint on Windows systems. This flaw allows remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal sequences. The vulnerability arises because the path traversal protection only blocks forward slashes and '.. ', but attackers can bypass this by using absolute paths, causing the application to expose files accessible to its process. The vulnerability has a high severity with a CVSS score of 7. 5 and does not require authentication to exploit.
CVSS v3.1
Score 7.5high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The ai-goofish-monitor product from Usagi-org contains an unauthenticated arbitrary file read vulnerability (CWE-36) in the GET /api/prompts/{filename} endpoint on Windows deployments. The vulnerability is due to incomplete path traversal protection that blocks only forward slashes and '..' sequences but fails to handle absolute Windows paths or backslash-based traversal sequences. Attackers can supply absolute Windows system file paths, causing os.path.join to discard the intended prompts directory prefix and expose arbitrary files readable by the application process. This allows remote attackers to read sensitive files without authentication.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to read arbitrary files on the affected Windows system with the privileges of the application process. This can lead to disclosure of sensitive information. There is no indication of impact on integrity or availability. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — no official fix or remediation guidance is currently available from the vendor. Users should monitor the vendor advisory for updates. Until a fix is released, restricting network access to the vulnerable endpoint or deploying application-layer protections to validate and sanitize input paths may reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-05-28T20:52:04.733Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a18b4aee29bf47b5032f451
Added to database: 5/28/2026, 9:33:34 PM
Last enriched: 5/28/2026, 9:48:53 PM
Last updated: 5/29/2026, 8:17:38 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.