PT-2026-33466 · Bytedance · Deer-Flow
Published: 2026-04-17 · Updated: 2026-04-19 · CVE-2026-40518
CVSS v3.1: 7.1 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions
ByteDance DeerFlow versions prior to commit 2176b2b
Description
An issue exists in bootstrap-mode custom-agent creation where the validation of the agent name is bypassed. This allows attackers to use absolute paths or traversal-style values as the agent name to influence directory creation and write files outside the intended custom-agent directory, which may lead to arbitrary file write on the system depending on filesystem permissions.
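The weakness class described above, shown as an added example that is not DeerFlow's code or its patch: an unvalidated join lets an absolute or traversal-style name leave the base directory, while a single validation routine shared by every creation path rejects it. The function names, the naming policy, the `config.yaml` file name and the sample inputs are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumed naming policy for this example: a short slug, no separators or dots.
AGENT_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}")


def naive_agent_dir(base: Path, name: str) -> Path:
    """Unvalidated join: an absolute name replaces base, '..' climbs out of it."""
    return (base / name).resolve()


def safe_agent_dir(base: Path, name: str) -> Path:
    """Return the directory for `name`, guaranteed to sit directly under base."""
    if not AGENT_NAME_RE.fullmatch(name):
        raise ValueError(f"invalid agent name: {name!r}")
    base = base.resolve()
    target = (base / name).resolve()
    # Defence in depth: re-check containment after resolution (catches symlinks).
    if target.parent != base:
        raise ValueError(f"agent path escapes {base}: {target}")
    return target


def create_agent(base: Path, name: str, config_text: str) -> Path:
    """Every creation mode calls this, so no mode can skip the name check."""
    agent_dir = safe_agent_dir(base, name)
    agent_dir.mkdir()
    cfg = agent_dir / "config.yaml"  # placeholder file name
    cfg.write_text(config_text, encoding="utf-8")
    return cfg


def demo() -> dict:
    """Map each constructed name to (naive path leaves base, safe path accepts)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp).resolve() / "agents"
        base.mkdir()
        for name in ["research-bot", "../outside", "/tmp/abs-agent", "a/../../x"]:
            leaves_base = base not in naive_agent_dir(base, name).parents
            try:
                create_agent(base, name, "name: demo\n")
                accepted = True
            except ValueError:
                accepted = False
            results[name] = (leaves_base, accepted)
    return results


if __name__ == "__main__":
    print(demo())
```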
Recommendations
Update to commit 2176b2b or a newer version.
Fix
Path traversal
Affected Products
Deer-Flow