PT-2026-25326 · Dagu · Dagu

Nucleiav · Published 2026-03-13 · Updated 2026-03-25 · CVE-2026-31886

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
Dagu and Affected Versions

Dagu versions prior to 2.2.4
Description

Dagu, a workflow engine, contains a path traversal flaw in the inline DAG execution endpoints. The dagRunId request field is passed directly into filepath.Join without validation, so an attacker can redirect the computed directory path outside the intended /tmp/<name>/<id> path by supplying values like "..". A deferred cleanup function then calls os.RemoveAll on the resolved directory, potentially deleting all files in /tmp owned by the dagu process user (on non-root deployments) or the entire contents of /tmp (on root or Docker deployments), leading to a denial of service.

The vulnerability exists because OpenAPI schema pattern enforcement is disabled by default and the dagRunId parameter is neither validated nor sanitized before it is used in the filepath.Join call. The issue can be exploited by an authenticated operator with permission to run DAGs, or without authentication on versions 1.30.3 and earlier, where the default authentication mode was 'none'. The vulnerability allows for arbitrary file writes and potential deletion of the DAGs directory. No number of affected devices is given, and no real-world incidents are mentioned.

The vulnerable function is loadInlineDAG. The affected API endpoint is /api/v1/dag-runs. The vulnerable parameter is dagRunId.
Recommendations

Update to version 2.2.4 or later.
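
The path computation described above, next to a validated form, as an added Go example that is not Dagu's own code or its actual fix. The function names, the ID allow-list pattern and the validation of the name component are assumptions made for illustration; the code only computes paths and never touches the filesystem.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// idPattern is an assumed allow-list for run IDs and names; the page does
// not give the pattern from Dagu's OpenAPI schema.
var idPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,64}$`)

// unsafeRunDir mirrors the flaw described above: the request field reaches
// filepath.Join unchecked, and Join resolves ".." segments lexically.
func unsafeRunDir(base, name, dagRunID string) string {
	return filepath.Join(base, name, dagRunID)
}

// safeRunDir validates both path components, then confirms the joined path
// is still strictly inside base/name before any caller may create or
// remove it. The containment check is defence in depth behind the pattern.
func safeRunDir(base, name, dagRunID string) (string, error) {
	if !idPattern.MatchString(name) || !idPattern.MatchString(dagRunID) {
		return "", errors.New("invalid name or dagRunId")
	}
	parent := filepath.Join(base, name)
	dir := filepath.Join(parent, dagRunID)
	rel, err := filepath.Rel(parent, dir)
	if err != nil || rel == "." || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errors.New("run directory escapes its parent")
	}
	return dir, nil
}

func main() {
	// Constructed inputs; paths are only computed, nothing is deleted.
	for _, id := range []string{"run-42", "..", "../x"} {
		dir, err := safeRunDir("/tmp", "demo", id)
		fmt.Printf("id=%-9q unsafe=%-16s safe=%q err=%v\n",
			id, unsafeRunDir("/tmp", "demo", id), dir, err)
	}
}
```

With the unchecked join, a dagRunId of ".." resolves to /tmp itself, which is the directory the deferred os.RemoveAll would then receive.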

Exploit · Fix · DoS · Path traversal


Weakness Enumeration

Related Identifiers

CVE-2026-31886
GHSA-M4Q3-457P-HH2X
GO-2026-4693
SUSE-SU-2026:1042-1

Affected Products

Dagu