CVE-2026-40027: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in abrignoni ALEAPP
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.py artifact parser that uses attacker-controlled file_name_from values from a database directly as the output filename, allowing arbitrary file writes outside the report output directory. An attacker can embed a path traversal payload such as ../../../outside_written.bin in the database to write files to arbitrary locations, potentially achieving code execution by overwriting executable files or configuration.
AI Analysis
Technical Summary
CVE-2026-40027 is a path traversal vulnerability (CWE-22) in abrignoni's ALEAPP tool, specifically in the NQ_Vault.py artifact parser. The parser uses file_name_from values from a database directly as output filenames without proper validation or sanitization. An attacker can supply a path traversal payload (e.g., ../../../outside_written.bin) to write files outside the designated report output directory. This can lead to arbitrary file writes, including overwriting executable or configuration files, which may enable code execution. The vulnerability affects versions through 3.4.0. The CVSS 4.0 vector indicates local attack vector with low complexity, no privileges required, user interaction needed, and high impact on confidentiality and integrity.
Potential Impact
The vulnerability allows an attacker with local access and the ability to influence database contents to write arbitrary files outside the intended directory. This can compromise system integrity by overwriting executables or configuration files, potentially leading to code execution. Confidentiality and integrity impacts are rated high. There are no reports of active exploitation currently.
Mitigation Recommendations
No official patch or remediation is currently available. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is released, users should avoid processing untrusted database inputs with ALEAPP and consider running the tool in isolated environments to limit potential impact.
CVE-2026-40027: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in abrignoni ALEAPP
Description
ALEAPP (Android Logs Events And Protobuf Parser) through 3.4.0 contains a path traversal vulnerability in the NQ_Vault.py artifact parser that uses attacker-controlled file_name_from values from a database directly as the output filename, allowing arbitrary file writes outside the report output directory. An attacker can embed a path traversal payload such as ../../../outside_written.bin in the database to write files to arbitrary locations, potentially achieving code execution by overwriting executable files or configuration.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-40027 is a path traversal vulnerability (CWE-22) in abrignoni's ALEAPP tool, specifically in the NQ_Vault.py artifact parser. The parser uses file_name_from values from a database directly as output filenames without proper validation or sanitization. An attacker can supply a path traversal payload (e.g., ../../../outside_written.bin) to write files outside the designated report output directory. This can lead to arbitrary file writes, including overwriting executable or configuration files, which may enable code execution. The vulnerability affects versions through 3.4.0. The CVSS 4.0 vector indicates local attack vector with low complexity, no privileges required, user interaction needed, and high impact on confidentiality and integrity.
Potential Impact
The vulnerability allows an attacker with local access and the ability to influence database contents to write arbitrary files outside the intended directory. This can compromise system integrity by overwriting executables or configuration files, potentially leading to code execution. Confidentiality and integrity impacts are rated high. There are no reports of active exploitation currently.
Mitigation Recommendations
No official patch or remediation is currently available. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is released, users should avoid processing untrusted database inputs with ALEAPP and consider running the tool in isolated environments to limit potential impact.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-04-08T13:36:46.362Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d6cdb91cc7ad14dab5bf92
Added to database: 4/8/2026, 9:50:49 PM
Last enriched: 4/8/2026, 10:06:06 PM
Last updated: 4/9/2026, 8:13:38 AM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.