CVE-2026-7235
Received Received - Intake
Path Traversal in ErlichLiu claude-agent-sdk Remote Exploit

Publication date: 2026-04-28

Last updated on: 2026-04-28

Assigner: VulDB

Description
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-28
Last Modified
2026-04-28
Generated
2026-06-16
AI Q&A
2026-04-28
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7235
EUVD
EUVD-2026-26007
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
erlichliu claude-agent-sdk to b185aa7 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows an attacker to read arbitrary local files on the server, including potentially sensitive configuration files, credentials, or source code. This unauthorized disclosure of sensitive information can lead to violations of data protection regulations such as GDPR and HIPAA, which require strict controls over the confidentiality and security of personal and sensitive data.

Since the vulnerability compromises confidentiality by exposing sensitive files without authorization, it may result in non-compliance with standards that mandate protection of data confidentiality and integrity.

Mitigations such as restricting file access, implementing authentication and authorization, and validating file paths are necessary to reduce the risk of regulatory non-compliance.

Executive Summary

CVE-2026-7235 is a path traversal vulnerability in the claude-agent-sdk-master project, specifically in the Next.js API endpoint `/api/agent-output` located in the file `app/api/agent-output/route.ts`.

The vulnerability arises because the API accepts a user-supplied parameter `outputFile` which is normalized but not properly validated to ensure it stays within a trusted directory.

This allows an attacker to manipulate the `outputFile` argument to read arbitrary local files on the server that the application has permission to access.

The attack can be performed remotely by sending crafted HTTP requests to the vulnerable endpoint, potentially exposing sensitive files such as configuration files, credentials, or source code.

Impact Analysis

This vulnerability can impact you by allowing attackers to read arbitrary local files on the server hosting the vulnerable application.

  • Confidentiality breach: Sensitive information such as configuration files, credentials, or source code can be disclosed.
  • No impact on integrity or availability, as the vulnerability only allows reading files, not modifying or deleting them.
  • If exploited, attackers could gain information that facilitates further attacks or unauthorized access.
Detection Guidance

This vulnerability can be detected by sending crafted HTTP POST requests to the vulnerable Next.js API endpoint `/api/agent-output` with a JSON body containing the `outputFile` parameter set to sensitive file paths. If the server responds with the contents of those files, the vulnerability is present.

A simple detection command using curl would be:

  • curl -X POST -H "Content-Type: application/json" -d '{"outputFile":"/etc/hosts"}' http://<target-host>/api/agent-output

If the response contains the contents of `/etc/hosts` or other sensitive files, it confirms the presence of the path traversal vulnerability.

Mitigation Strategies

Immediate mitigation steps include restricting the `outputFile` parameter to a server-controlled directory and validating the file path to prevent path traversal.

  • Implement path normalization and boundary checks using `path.resolve` to ensure the requested file is within an allowed directory.
  • Reject absolute paths or any paths that attempt to traverse outside the allowed directory.
  • Add authentication and authorization controls on the `/api/agent-output` endpoint to restrict access.
  • Avoid returning raw file contents directly; instead, use server-generated opaque file IDs mapped internally to safe paths.

These steps help prevent unauthorized file reads and reduce the risk of exploitation until a proper patch is released.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7235. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart