CVE-2026-49136: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Anionex banana-slides
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate_image() function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete path prefix check using os.path.startswith() without a trailing separator. Attackers can supply crafted markdown image references in user-controlled page descriptions that resolve to sibling directories whose names share the uploads folder prefix, bypassing the directory confinement check and causing the application to read files from unintended locations via PIL Image.open().
AI Analysis
Technical Summary
Banana Slides through version 0.4.0 contains a path traversal vulnerability in the generate_image() function within its AI service backend. The issue arises from an incomplete directory confinement check that uses os.path.startswith() without a trailing separator, allowing attackers to bypass the restriction by supplying crafted markdown image references. This enables unauthenticated attackers to read arbitrary image-format files located outside the intended uploads directory by accessing sibling directories with names sharing the uploads folder prefix. The vulnerability is exploitable without privileges or user interaction and has a CVSS 4.0 score of 8.7, indicating high severity. No official patch or remediation level has been provided as of the published date.
Potential Impact
An unauthenticated attacker can exploit this vulnerability to read arbitrary image files outside the designated uploads directory, potentially exposing sensitive image data. The vulnerability does not require privileges or user interaction and can lead to unauthorized information disclosure. There is no indication of code execution or modification impact. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vulnerability is due to an incomplete path prefix check, mitigation would typically involve correcting the path validation logic to properly restrict file access to the intended directory. Until an official fix is released, users should consider restricting access to the affected service or applying custom input validation to prevent exploitation.
CVE-2026-49136: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Anionex banana-slides
Description
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate_image() function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete path prefix check using os.path.startswith() without a trailing separator. Attackers can supply crafted markdown image references in user-controlled page descriptions that resolve to sibling directories whose names share the uploads folder prefix, bypassing the directory confinement check and causing the application to read files from unintended locations via PIL Image.open().
CVSS v4.0
Score 8.7high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Banana Slides through version 0.4.0 contains a path traversal vulnerability in the generate_image() function within its AI service backend. The issue arises from an incomplete directory confinement check that uses os.path.startswith() without a trailing separator, allowing attackers to bypass the restriction by supplying crafted markdown image references. This enables unauthenticated attackers to read arbitrary image-format files located outside the intended uploads directory by accessing sibling directories with names sharing the uploads folder prefix. The vulnerability is exploitable without privileges or user interaction and has a CVSS 4.0 score of 8.7, indicating high severity. No official patch or remediation level has been provided as of the published date.
Potential Impact
An unauthenticated attacker can exploit this vulnerability to read arbitrary image files outside the designated uploads directory, potentially exposing sensitive image data. The vulnerability does not require privileges or user interaction and can lead to unauthorized information disclosure. There is no indication of code execution or modification impact. No known exploits in the wild have been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vulnerability is due to an incomplete path prefix check, mitigation would typically involve correcting the path validation logic to properly restrict file access to the intended directory. Until an official fix is released, users should consider restricting access to the affected service or applying custom input validation to prevent exploitation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-05-27T17:40:12.738Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1de934e29bf47b503e847f
Added to database: 6/1/2026, 8:19:00 PM
Last enriched: 6/1/2026, 8:33:31 PM
Last updated: 6/1/2026, 9:20:04 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.