Zero Day MonitorZDM

← Back to list

8.8

CVE-2026-39981PATCHED

pypa · agixt

AGiXT has a Path Traversal in safe_join()

Description

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safe_join() function in the essential_abilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or delete arbitrary files on the server hosting the AGiXT instance. This vulnerability is fixed in 1.9.2.

Affected Products

Vendor	Product	Versions
pypa	agixt	pip/agixt: <= 1.9.1

References

https://github.com/Josh-XT/AGiXT/security/advisories/GHSA-5gfj-64gh-mgmw(x_refsource_CONFIRM)
https://github.com/Josh-XT/AGiXT/commit/2079ea5a88fa671a921bf0b5eba887a5a1b73d5f(x_refsource_MISC)
https://github.com/Josh-XT/AGiXT/releases/tag/v1.9.2(x_refsource_MISC)

Related News (1 articles)

Tier C

VulDB8h ago

CVE-2026-39981 | Josh-XT AGiXT up to 1.9.1 safe_join path traversal

→ No new info (linked only)

CVSS 3.18.8 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

agixt@1.9.2

CWECWE-22

PublishedApr 8, 2026

Last enriched7h agov2

Tags

GHSA-5gfj-64gh-mgmwpip

Trending Score26

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-34824

Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service

MEDIUMCVE-2026-34052

LTI JupyterHub Authenticator: Unbounded Memory Growth via Nonce Storage (Denial of Service)

HIGHCVE-2024-49048

TorchGeo Remote Code Execution Vulnerability

CRITICALCVE-2025-15036

A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present

CRITICALCVE-2025-15379

A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` function. When deploying a model with `env_

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 8, 2026

Discovered by ZDM

Apr 9, 2026

Patch Available

Apr 9, 2026

Updated: severity

Apr 9, 2026

Version History

v2

Last enriched 7h ago

v2Tier C7h ago

Updated severity to CRITICAL and noted that there is no available exploit.

severity

via VulDB

v111h ago

Initial creation