CVE-2026-45222
Status: Received - Intake
Summarize Daemon Configuration File Permission Vulnerability

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: VulnCheck

Description
Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon configuration directory and file with default filesystem permissions that may be world-readable on Unix-like systems, allowing local attackers to read bearer tokens and API credentials stored in ~/.summarize/daemon.json. A local attacker can exploit these permissive permissions to read the daemon bearer token and persisted provider credentials, enabling unauthorized access to the daemon or recovery of sensitive API keys.
Meta Information
Generated: 2026-05-11
AI Q&A generated: 2026-05-11
EPSS evaluated: N/A
Affected Vendors & Products
Vendor: steipete
Product: summarize
Version / Range: through 0.14.1 (inclusive)
CWE
CWE-732 (Incorrect Permission Assignment for Critical Resource): The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-45222 is a local information-disclosure vulnerability (CWE-732) in Summarize versions through 0.14.1. The daemon creates its configuration directory and file, ~/.summarize and ~/.summarize/daemon.json, with the process's default filesystem permissions instead of explicitly restricting them. On Unix-like systems the default is governed by the umask, and the usual umask of 022 yields a 0755 directory and a 0644 file, i.e. readable by every account on the host.

daemon.json holds the daemon bearer token and persisted provider credentials, so any other local user who can read the file obtains those secrets directly. With the bearer token they can talk to the daemon as if they were the legitimate user; with the provider API keys they can call the upstream services on the victim's account. No privilege escalation or code execution is required, only a local account on the same machine.


How can this vulnerability impact me?

If you run a vulnerable version of Summarize on a Unix-like system, other local users on the same host (shared workstations, jump hosts, CI runners, multi-tenant development servers) can read the credentials in ~/.summarize/daemon.json because of the overly permissive permissions.

This gives them two things: the daemon bearer token, which lets them interact with the daemon as if they were you, and the persisted provider API keys, which they can use against the upstream services directly, at your cost and under your identity.

The direct impact is loss of confidentiality of those secrets. Whether it goes further depends on what the leaked API keys are authorised to do; a key with broad scope on a provider account turns a local read into a remote compromise of that account.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection is a filesystem-permission check on Unix-like systems: ~/.summarize should grant no access to group or other (0700 or tighter), and ~/.summarize/daemon.json should be readable and writable only by its owner (0600 or tighter). Both matter, but the file is the one that actually leaks secrets: a 0644 file is exposed regardless of the directory mode, while a 0600 file inside a 0755 directory still protects the token (the fix tightens the directory as well).

  • Run the command: ls -ld ~/.summarize
  • Run the command: ls -l ~/.summarize/daemon.json

The mode string should read drwx------ for the directory and -rw------- for the file. Any r, w or x in the group or other columns (for example -rw-r--r--, which is what the usual default umask of 022 produces) means other local accounts can read the bearer token and provider credentials. Run the check as every user that runs the daemon, since the file lives in that user's home directory.


What immediate steps should I take to mitigate this vulnerability?

Restrict the daemon configuration directory and file to owner-only access immediately; this does not require stopping the daemon:

  • Set the directory ~/.summarize permissions to 700 using: chmod 700 ~/.summarize
  • Set the daemon.json file permissions to 600 using: chmod 600 ~/.summarize/daemon.json

Then update Summarize to a build that includes the fix (commit 0cfb0fb or later), which enforces these restrictive permissions automatically and repairs existing loose permissions. Tightening the modes does not undo an exposure that has already happened: if the file was world-readable on a host with other local users, treat the daemon bearer token and any provider API keys stored in daemon.json as compromised and rotate them.
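The permission checks and the chmod repair above, as an added example that is not code from the Summarize project or from this advisory: a POSIX sh script that audits the group/other bits of ~/.summarize and ~/.summarize/daemon.json, applies the owner-only modes, and shows the creation pattern a daemon should use so the file never starts out world-readable. The function names, the optional root-directory argument (so the functions can be exercised on a scratch tree rather than a real home directory) and the sample JSON content are assumptions for the illustration; only the paths and modes come from the advisory.

```shell
#!/bin/sh
# Added example (not code from the Summarize project): audit and repair the
# permissions of the daemon config named in the advisory, and demonstrate the
# creation pattern that avoids the bug. The paths ~/.summarize and
# ~/.summarize/daemon.json come from the advisory; the optional ROOT argument
# (assumed here for testing) replaces $HOME so the functions can be run
# against a scratch directory.

# Group and other permission characters of a path, e.g. "r--r--" for 0644.
# Parsed from `ls -ld` (the same command the advisory uses), which is portable
# across GNU and BSD userlands; columns 5-10 of the mode string are
# rwx for group followed by rwx for other.
group_other_bits() {
    ls -ld "$1" | cut -c5-10
}

# Succeeds only when neither group nor other has any access bit set
# (0700 for a directory, 0600 for a file, or tighter).
is_owner_only() {
    [ "$(group_other_bits "$1")" = "------" ]
}

# Report loose permissions on the config dir and file under ROOT (default $HOME).
# Returns 1 if any existing path is accessible to other local users.
audit_summarize() {
    root=${1:-$HOME}
    status=0
    for path in "$root/.summarize" "$root/.summarize/daemon.json"; do
        if [ ! -e "$path" ]; then
            echo "skip:  $path does not exist"
        elif is_owner_only "$path"; then
            echo "ok:    $path"
        else
            echo "LOOSE: $path (group/other bits: $(group_other_bits "$path"))"
            status=1
        fi
    done
    return $status
}

# Apply the owner-only modes the advisory recommends (0700 dir, 0600 file).
harden_summarize() {
    root=${1:-$HOME}
    [ -d "$root/.summarize" ] && chmod 700 "$root/.summarize"
    [ -f "$root/.summarize/daemon.json" ] && chmod 600 "$root/.summarize/daemon.json"
    return 0
}

# How a daemon should write the file in the first place (illustrative pattern,
# not the project's actual fix): create directory and file under a restrictive
# umask so they are owner-only from the moment they exist, rather than relying
# on the caller's umask, then re-apply the modes to repair a pre-existing loose
# directory or file. Content is read from stdin.
write_secure_config() {
    root=${1:-$HOME}
    ( umask 077
      mkdir -p "$root/.summarize"
      cat > "$root/.summarize/daemon.json" )
    chmod 700 "$root/.summarize" && chmod 600 "$root/.summarize/daemon.json"
}

# Usage: sh summarize_perms.sh audit [ROOT] | fix [ROOT]
main() {
    case "${1:-audit}" in
        audit) audit_summarize "$2" ;;
        fix)   harden_summarize "$2" && audit_summarize "$2" ;;
        *)     echo "usage: $0 audit|fix [ROOT]" >&2; return 2 ;;
    esac
}
if [ "$#" -gt 0 ]; then main "$@"; fi
```

`sh summarize_perms.sh audit` exits non-zero when either path is exposed, which makes it usable from a cron job or a configuration-management check; `fix` applies the chmods and re-audits. The `write_secure_config` function is the point of the fix commit stated in a few lines: setting the umask before creation closes the window in which the file would otherwise be world-readable, and the trailing chmods cover a directory or file that already existed with loose modes.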


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-45222 allows local attackers to read sensitive bearer tokens and API credentials due to insecure default filesystem permissions on Unix-like systems. This unauthorized access to sensitive data could potentially lead to violations of data protection standards and regulations that require safeguarding of sensitive information, such as GDPR and HIPAA.

Specifically, the exposure of authentication tokens and API keys may result in unauthorized access to protected systems or data, which conflicts with compliance requirements for confidentiality and access control mandated by these regulations.

The vulnerability highlights the importance of enforcing strict file permissions to protect sensitive credentials, which is a common security control expected under standards like GDPR and HIPAA to prevent unauthorized data disclosure.

