PT-2026-41693 · Getarcaneapp · Arcane

Published: 2026-05-18 · Updated: 2026-05-29 · CVE-2026-45626

CVSS v3.1: 6.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Arcane versions 1.18.1 and earlier
Description: The endpoint "GET /environments/{id}/volumes/{volumeName}/browse" accepts a path query parameter that is interpolated into a shell command (sh -c "find … | while …") run inside a helper container. The path sanitizer rejects directory traversal (../) but does not strip Bourne-shell metacharacters such as $() or backticks. The value is quoted with strconv.Quote, which produces a Go string literal: it escapes double quotes and backslashes but leaves $ and backticks untouched, and sh still performs command substitution inside a double-quoted word.

Any authenticated user with access to a browseable volume can therefore execute arbitrary commands inside the helper container. The output of those commands is reflected back to the user in the HTTP 500 error response body. The helper container is network-disabled, does not run in privileged mode and has no Docker socket mounted, so the impact is confined to that container; the flaw nevertheless lets an attacker bypass restrictions the API enforces, such as symlink-target censoring and file size limits, and probe the helper image and the volume contents.

The same insufficient sanitizer in "DELETE /environments/{id}/volumes/{volumeName}/browse" allows an authenticated user to recursively delete all volume contents by supplying path=. as input.

Recommendations: For versions 1.18.1 and earlier, update to a version in which the path sanitizer is hardened to strip shell metacharacters and prevent command substitution. As a temporary workaround, restrict access to the "GET /environments/{id}/volumes/{volumeName}/browse" and "DELETE /environments/{id}/volumes/{volumeName}/browse" endpoints to trusted administrators only.
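The following Go program is an added illustration of the bug class above and is not Arcane's code, nor the project's fix. It shows why a traversal-only check plus strconv.Quote leaves $() and backticks live inside an sh -c string, and contrasts it with a segment allowlist that passes the path as an argv element (no shell), with the volume root optionally refused for a DELETE-style caller. All function names (naiveSanitize, buildFindCommandVulnerable, hardenedPath, findArgv, shellSingleQuote) and the safeSegment allowlist are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"regexp"
	"strconv"
	"strings"
)

// naiveSanitize mimics the class of check the advisory describes: it rejects
// ".." traversal but lets shell metacharacters such as $() and backticks through.
// Illustrative code written for this example, not Arcane's implementation.
func naiveSanitize(p string) (string, error) {
	if strings.Contains(p, "..") {
		return "", errors.New("directory traversal rejected")
	}
	return p, nil
}

// buildFindCommandVulnerable composes the kind of `sh -c` string the advisory
// describes. strconv.Quote yields a Go literal ("..." with \" and \\ escaped),
// which sh reads as a double-quoted word: $(...), `...` and $VAR still expand.
func buildFindCommandVulnerable(userPath string) string {
	return fmt.Sprintf(`find %s -maxdepth 1 | while read -r f; do printf '%%s\n' "$f"; done`,
		strconv.Quote(userPath))
}

// shellSubstitutionSurvives reports whether a composed command string still
// contains either substitution trigger a sanitizer should have neutralised.
func shellSubstitutionSurvives(cmd string) bool {
	return strings.Contains(cmd, "$(") || strings.Contains(cmd, "`")
}

// safeSegment is this example's allowlist for one path component: letters,
// digits, '.', '_' and '-', never starting with '.', so "." and ".." are
// rejected along with every shell metacharacter.
var safeSegment = regexp.MustCompile(`^[A-Za-z0-9_][A-Za-z0-9._-]*$`)

// hardenedPath validates userPath segment by segment and joins it under root.
// allowRoot=false makes the volume root itself an error, which is what a
// DELETE handler wants so that path=. cannot remove the whole volume.
func hardenedPath(root, userPath string, allowRoot bool) (string, error) {
	trimmed := strings.Trim(userPath, "/")
	if trimmed == "" || trimmed == "." {
		if !allowRoot {
			return "", errors.New("refusing to operate on the volume root")
		}
		return root, nil
	}
	for _, seg := range strings.Split(trimmed, "/") {
		if !safeSegment.MatchString(seg) {
			return "", fmt.Errorf("invalid path segment %q", seg)
		}
	}
	return path.Join(root, trimmed), nil
}

// findArgv returns the argument vector to hand to exec.Command or to a
// container exec API's Cmd field. No shell is involved, so target is one inert
// argument whatever bytes it contains.
func findArgv(target string) []string {
	return []string{"find", target, "-maxdepth", "1", "-printf", "%p\n"}
}

// shellSingleQuote is the fallback when a shell cannot be avoided: inside
// single quotes nothing expands, and an embedded ' is rendered as '\''.
func shellSingleQuote(s string) string {
	return "'" + strings.ReplaceAll(s, "'", `'\''`) + "'"
}

func main() {
	payload := "$(id)"
	p, _ := naiveSanitize(payload)
	fmt.Println("naive sanitizer let through:", p)
	fmt.Println("vulnerable command:", buildFindCommandVulnerable(p))

	for _, in := range []string{"logs/app.log", "$(id)", "a/../b", "."} {
		out, err := hardenedPath("/vol", in, false)
		fmt.Printf("hardened %-14q -> %q, err=%v\n", in, out, err)
	}
	fmt.Printf("argv: %q\n", findArgv("/vol/logs/app.log"))
	fmt.Println("single-quoted:", shellSingleQuote(payload))
}
```

The allowlist deliberately rejects "." and empty segments inside a path (so "a/./b" and "a//b" are errors rather than silently normalised), and hardenedPath never calls path.Clean on attacker input before validation, since Clean would turn "/../x" into "/x" and hide the attempt instead of reporting it.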

Weakness Enumeration: OS Command Injection

Related Identifiers: CVE-2026-45626, GHSA-9mvm-4gwg-v8mp

Affected Products: Arcane (github.com/getarcaneapp/arcane/backend)