PT-2026-53776 · Pypi · Everos

Published

2026-06-19

·

Updated

2026-06-19

CVSS v3.1

8.2

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
EverOS versions 1.0.0 and earlier are vulnerable to path traversal in the POST /api/v1/memory/add ingestion endpoint. The per-message sender id field was not validated as a path-safe identifier (unlike app id / project id, which already enforced this). During user-memory extraction, sender id is used as the owner id and joined into the filesystem path where the extracted episode is persisted as a Markdown file. A sender id containing ../ sequences could direct the write outside the configured memory root, allowing an unauthenticated caller to create or overwrite .md files at locations writable by the server process (unauthorized arbitrary file write). The file content is partially attacker-influenced.
Patch: Fixed in v1.0.1 with (1) path-safe validation on sender id (character whitelist plus rejection of the . and .. tokens) and (2) a defense-in-depth containment check in the Markdown writer that rejects any write resolving outside the memory root before any filesystem access, covering both the write and the append read-modify-write paths.
Remediation: Upgrade to EverOS 1.0.1. There is no workaround for affected versions other than upgrading.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

GHSA-C795-2G9C-J48M

Affected Products

Everos