CVE-2026-27598: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in dagu-org dagu
CVE-2026-27598 is a high-severity path traversal vulnerability in dagu versions up to 1.16.7. The flaw exists in the CreateNewDAG API endpoint, which fails to validate DAG names before writing files to the filesystem. Authenticated users with DAG write permissions can exploit this to write arbitrary YAML files anywhere within the process's filesystem permissions. Since dagu executes DAG files as shell commands, an attacker can achieve remote code execution by overwriting DAG files or configuration files. No privileges beyond DAG write access are required, and no user interaction is needed beyond authentication. The vulnerability is fixed in versions after 1.16.7.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2026-27598 affects dagu, a workflow engine with a web UI, specifically versions up to and including 1.16.7. The issue arises from improper validation of the DAG name parameter in the CreateNewDAG API endpoint (POST /api/v1/dags). This parameter is used directly to write YAML files to the file store without sanitization, enabling path traversal (CWE-22). An authenticated user with DAG write permissions can craft a malicious DAG name containing path traversal sequences (e.g., ../) to write arbitrary files anywhere the dagu process has write access. Because dagu executes DAG files as shell commands, this can be leveraged to overwrite existing DAGs or configuration files, resulting in remote code execution (RCE). The vulnerability does not require elevated privileges beyond DAG write access and does not require additional user interaction. The flaw was addressed in commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4, which implements proper validation and sanitization of DAG names to prevent path traversal. No known exploits are currently reported in the wild, but the potential for RCE makes this a critical risk for affected deployments.
Potential Impact
This vulnerability poses a significant risk to organizations using the dagu workflow engine, as it allows authenticated users with DAG write permissions to execute arbitrary code remotely. The impact includes potential full system compromise, unauthorized data access, and disruption of workflow automation processes. Attackers could overwrite critical configuration files or inject malicious DAGs that execute shell commands, leading to data breaches, service outages, or lateral movement within the network. Since dagu is used to automate workflows, exploitation could also affect business-critical operations and lead to compliance violations. The ease of exploitation combined with the ability to achieve RCE elevates the threat level, especially in environments where multiple users have DAG write access or where dagu runs with elevated system privileges.
Mitigation Recommendations
Organizations should immediately upgrade dagu to a version later than 1.16.7, where the vulnerability is patched. Until upgrading, restrict DAG write permissions to a minimal set of trusted users to reduce the attack surface. Implement network segmentation and access controls to limit exposure of the dagu API endpoint. Monitor logs for DAG creation requests (POST /api/v1/dags) whose DAG name contains path traversal patterns such as ../ or their percent-encoded forms. Employ runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions to detect anomalous file writes or process executions originating from dagu. Conduct regular audits of DAG files and configuration files to detect unauthorized modifications. Run dagu with least privilege, ensuring the process has minimal filesystem permissions, so that a successful exploit can only write where the process itself may write.
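The two defensive checks discussed above, the allow-list validation the CreateNewDAG endpoint lacked and the log review for traversal patterns, as an added Go example. This is not dagu's code and not the fix from the referenced commit; the function names, the DAG directory, and the access-log format are assumptions made for the example, and the log lines are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"regexp"
	"strings"
)

// ErrInvalidDAGName is returned for any name that is not a single, safe path component.
var ErrInvalidDAGName = errors.New("invalid DAG name")

// dagNamePattern allows only a conservative character set: no separators, no dots.
var dagNamePattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,128}$`)

// ValidateDAGName is the allow-list check the vulnerable endpoint lacked (hypothetical
// helper, not dagu's own function): a name must be one plain path component.
func ValidateDAGName(name string) error {
	if !dagNamePattern.MatchString(name) {
		return ErrInvalidDAGName
	}
	return nil
}

// DAGFilePath resolves the YAML path for a DAG name and, as defense in depth, confirms
// that the resolved path cannot escape dagsDir even if the allow-list were loosened later.
func DAGFilePath(dagsDir, name string) (string, error) {
	if err := ValidateDAGName(name); err != nil {
		return "", err
	}
	base := filepath.Clean(dagsDir)
	target := filepath.Join(base, name+".yaml")
	rel, err := filepath.Rel(base, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidDAGName
	}
	return target, nil
}

// IsTraversalAttempt is a detection-side helper for log review: it percent-decodes the
// submitted name once and looks for parent-directory references, absolute paths or NUL bytes.
func IsTraversalAttempt(rawName string) bool {
	name := rawName
	if decoded, err := url.PathUnescape(rawName); err == nil {
		name = decoded
	}
	name = strings.ReplaceAll(name, "\\", "/")
	if strings.Contains(name, "\x00") || strings.HasPrefix(name, "/") {
		return true
	}
	for _, part := range strings.Split(name, "/") {
		if part == ".." {
			return true
		}
	}
	return false
}

// dagNameField matches the name attribute in the constructed access-log format used below.
var dagNameField = regexp.MustCompile(`name="([^"]*)"`)

// FlagSuspiciousDAGRequests returns the log lines for DAG-creation requests whose name
// looks like a traversal attempt. The log format is an assumption made for this example.
func FlagSuspiciousDAGRequests(logLines []string) []string {
	var flagged []string
	for _, line := range logLines {
		if !strings.Contains(line, "POST /api/v1/dags") {
			continue
		}
		m := dagNameField.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		if IsTraversalAttempt(m[1]) {
			flagged = append(flagged, line)
		}
	}
	return flagged
}

// SampleLog is a constructed access log (not real dagu output) for exercising the scanner.
var SampleLog = []string{
	`2026-02-25T00:56:31Z user=alice POST /api/v1/dags name="etl_daily" status=201`,
	`2026-02-25T00:57:02Z user=bob POST /api/v1/dags name="../../outside/other" status=201`,
	`2026-02-25T00:57:40Z user=bob GET /api/v1/dags status=200`,
	`2026-02-25T00:58:11Z user=bob POST /api/v1/dags name="%2e%2e%2foutside" status=201`,
}

func main() {
	for _, n := range []string{"etl_daily", "../../outside/other"} {
		p, err := DAGFilePath("/srv/dagu/dags", n)
		fmt.Printf("%-22q -> path=%q err=%v\n", n, p, err)
	}
	for _, l := range FlagSuspiciousDAGRequests(SampleLog) {
		fmt.Println("suspicious:", l)
	}
}
```

The allow-list is the primary control: rejecting anything that is not a single safe path component removes the traversal class outright, and the `filepath.Rel` containment check only guards against future loosening of that list. On the detection side, decoding the name once before inspecting it matters because a request encoded as `%2e%2e%2f` would otherwise pass a naive substring search for `../`.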
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, India, Canada, Australia, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-20T19:43:14.602Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 699e48bfb7ef31ef0b85c3ec
Added to database: 2/25/2026, 12:56:31 AM
Last enriched: 2/25/2026, 1:10:46 AM
Last updated: 2/25/2026, 3:19:41 AM
Views: 6
Related Threats
- CVE-2026-3146: NULL Pointer Dereference in libvips (Medium)
- CVE-2026-3145: Memory Corruption in libvips (Medium)
- CVE-2026-27628: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in py-pdf pypdf (Low)
- CVE-2026-27621: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in TypiCMS Core (Medium)
- CVE-2026-27615: CWE-40: Path Traversal: 'UNCsharename' (Windows UNC Share) in Alex4SSB ADB-Explorer (High)