PT-2026-35718 · Unknown · Creative-Ad-Agent

Brucejin

Published

2026-04-28

Updated

2026-04-29

CVE-2026-7271

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions DV0x creative-ad-agent versions prior to 3d255865a957f3740b8724dd914502c0f44d4970

Description A path traversal issue exists in the creative-ad-agent-server component within the server/sdk-server.ts file. Manipulation of the req.params argument allows for remote exploitation.

Recommendations Apply patch 3d255865a957f3740b8724dd914502c0f44d4970.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2026-7271

Affected Products

Creative-Ad-Agent

PT-2026-35718 · Unknown · Creative-Ad-Agent

CVE-2026-7271

Weakness Enumeration

Related Identifiers

Affected Products

References · 10