CVE-2026-3840 is a path traversal vulnerability (CWE-22) in kedro-org/kedro version 1.2.0. The vulnerability arises because the _get_versioned_path() method in kedro/io/core.py directly uses user-supplied version strings to construct filesystem paths without sanitization. Additionally, the CLI interface's --load-versions parameter, handled by _split_load_versions() in kedro/framework/cli/utils.py, does not validate these version strings, making the vulnerability reachable via command line. This allows an attacker with local privileges to escape the intended versioned dataset directory and access arbitrary files on the filesystem. The impact includes unauthorized file reads, potential data poisoning, and cross-project or cross-tenant data exposure, especially in environments using Kedro with automation or orchestration layers.

An attacker with local access and limited privileges can exploit this vulnerability to read unauthorized files outside the intended directories by supplying crafted version strings. This can lead to unauthorized disclosure of sensitive data, data poisoning, and cross-project or cross-tenant data access. The vulnerability does not affect availability but has high confidentiality and integrity impacts as per the CVSS score of 7.1.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, avoid using version strings from untrusted sources and restrict access to the CLI and configuration parameters that accept version strings. Monitor vendor channels for updates and apply patches promptly once released.