CVE-2026-26396
HIGH
NVD
CVSS Score
7.5
Severity
HIGH
Published
Jul 13, 2026
Vendor
unknown
Description
OpenBMB XAgent v1.0.0 and before is vulnerable to path traversal in the file() function in XAgent/XAgentServer/application/routers/workspace.py. The input parameter “filename” is user-controllable and is concatenated into the file path to be read without proper validation, leading to a directory traversal vulnerability that may result in sensitive information disclosure.