Nucleiav

Rank: #10939 of 53,633
Total CVSS: 25.2
Vulnerabilities: 3 (High: 2, Critical: 1)
PT-2026-25326
9.1
2026-03-13
Dagu · Dagu · CVE-2026-31886
**Dagu and Affected Versions**

Dagu versions prior to 2.2.4

**Description**

Dagu, a workflow engine, contains a path traversal flaw in the inline DAG execution endpoints. The `dagRunId` request field is passed directly into `filepath.Join` without validation, so an attacker can redirect the computed directory path outside the intended `/tmp/<name>/<id>` location by supplying values like "..". A deferred cleanup function then calls `os.RemoveAll` on the resolved directory, potentially deleting all files in `/tmp` owned by the dagu process user (on non-root deployments) or the entire contents of `/tmp` (on root or Docker deployments), leading to a denial of service.

The vulnerability exists because OpenAPI schema pattern enforcement is disabled by default and the `dagRunId` parameter is not validated or sanitized before it is used in the `filepath.Join` call. The issue can be exploited by an authenticated operator with permission to run DAGs, or without authentication on versions 1.30.3 and earlier, where the default authentication mode was 'none'. The vulnerability allows for arbitrary file writes and potential deletion of the DAGs directory.

The number of affected devices is not specified, and no real-world incidents are mentioned. The vulnerable function is `loadInlineDAG`. The affected API endpoint is `/api/v1/dag-runs`. The vulnerable parameter is `dagRunId`.

**Recommendations**

Update to version 2.2.4 or later.
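The path handling described above, as an added Go example that is not Dagu's own code or its actual fix: it shows how `filepath.Join` collapses a ".." identifier to the parent directory, next to a helper that validates the identifier and checks containment before the path could reach a cleanup call. The function names, the `inline` directory name and the ID pattern are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// idPattern is an assumed allowlist for run IDs; Dagu's real schema pattern may differ.
var idPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,64}$`)

var errBadID = errors.New("invalid dagRunId")

// unsafeRunDir mirrors the flawed pattern: the request field goes straight
// into filepath.Join, which cleans the result and resolves ".." segments.
func unsafeRunDir(base, name, id string) string {
	return filepath.Join(base, name, id)
}

// safeRunDir rejects IDs outside the allowlist, then confirms the joined path
// is strictly inside base/name, so a deferred os.RemoveAll on the result could
// only ever touch that one run directory. name is assumed to be validated already.
func safeRunDir(base, name, id string) (string, error) {
	if !idPattern.MatchString(id) {
		return "", errBadID
	}
	parent := filepath.Join(base, name)
	dir := filepath.Join(parent, id)
	rel, err := filepath.Rel(parent, dir)
	if err != nil || rel == "." || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errBadID
	}
	return dir, nil
}

func main() {
	// Constructed sample identifiers, not taken from a real request.
	for _, id := range []string{"run-20260313-01", "..", "a/../../b"} {
		dir, err := safeRunDir("/tmp", "inline", id)
		fmt.Printf("id=%q unsafe=%q safe=%q err=%v\n",
			id, unsafeRunDir("/tmp", "inline", id), dir, err)
	}
}
```

The containment check is defence in depth: the allowlist already excludes separators and dots, but the `filepath.Rel` test keeps the guarantee if the pattern is later loosened.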