CVE-2026-3840
Status: Received - Intake
Path Traversal in Kedro via Version String

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: huntr.dev

Description
A vulnerability in Kedro version 1.2.0 allows an attacker to exploit path traversal by providing a crafted version string. The `_get_versioned_path()` method in `kedro/io/core.py` directly interpolates user-supplied version strings into filesystem paths without sanitization. This enables an attacker to escape the intended versioned dataset directory and access files outside the expected path. The issue is also reachable through the CLI via the `--load-versions` parameter, as `_split_load_versions()` in `kedro/framework/cli/utils.py` does not validate the version string. This vulnerability can lead to unauthorized file reads, data poisoning, cross-project or cross-tenant data access, and broader downstream impacts in environments where Kedro is used with automation or orchestration layers.
Affected Vendors & Products (1 associated CPE)
Vendor: quantumblack
Product: kedro
Version / Range: 1.2.0
CWE
CWE-22: The product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause it to resolve to a location outside of the restricted directory.
Executive Summary

This vulnerability exists in Kedro version 1.2.0 and involves a path traversal issue. The method `_get_versioned_path()` in the file `kedro/io/core.py` directly uses user-supplied version strings to build filesystem paths without properly sanitizing them. This allows an attacker to craft a malicious version string that escapes the intended directory for versioned datasets and accesses files outside the expected path.

Additionally, the vulnerability can be exploited through the command line interface using the `--load-versions` parameter, because the `_split_load_versions()` function in `kedro/framework/cli/utils.py` does not validate the version string input.
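A hardened version of the two code paths named above, as an added Python example that is not Kedro's own code: a stand-in for the versioned-path construction, an allow-list check on the version string, a containment check on the normalised path, and a `--load-versions` style parser that validates each version before any path is built. The timestamp shape of a valid version, the `<base>/<filename>/<version>/<filename>` layout and all function names are assumptions made for this example.

```python
import os
import re

# Assumption: valid versions are timestamps such as 2026-06-12T10.30.00.000Z.
# Only that shape is allowed, so no path separators or '..' can get through.
VERSION_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}\.\d{2}\.\d{2}\.\d{3}Z$")


def is_valid_version(version: str) -> bool:
    """Allow-list check on the version string."""
    return VERSION_RE.fullmatch(version) is not None


def versioned_path(base: str, filename: str, version: str) -> str:
    """Stand-in for the flawed construction: the version goes into the path unchecked."""
    return os.path.normpath(os.path.join(base, filename, version, filename))


def escapes_root(base: str, filename: str, version: str) -> bool:
    """Second line of defence: does the normalised path leave the dataset root?"""
    root = os.path.normpath(os.path.abspath(base))
    candidate = os.path.normpath(os.path.join(root, filename, version, filename))
    return os.path.commonpath([root, candidate]) != root


def safe_versioned_path(base: str, filename: str, version: str) -> str:
    """Hardened construction: validate the version, then confine the result."""
    if not is_valid_version(version):
        raise ValueError(f"invalid version string: {version!r}")
    if escapes_root(base, filename, version):
        raise ValueError("versioned path escapes the dataset root")
    return versioned_path(base, filename, version)


def split_load_versions(arg: str) -> dict:
    """Parse a --load-versions style 'dataset:version,...' value, rejecting any
    version that fails the allow-list before it can reach path construction."""
    versions = {}
    for item in arg.split(","):
        name, sep, version = (part.strip() for part in item.partition(":"))
        if not sep or not name:
            raise ValueError(f"expected dataset:version, got {item!r}")
        if not is_valid_version(version):
            raise ValueError(f"invalid version for {name}: {version!r}")
        versions[name] = version
    return versions
```

The allow-list rejects anything that is not a well-formed timestamp, and the containment check catches any construction that would still land outside the dataset root.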

Impact Analysis

This vulnerability can lead to unauthorized file reads, allowing attackers to access sensitive files outside the intended dataset directories.

It can also enable data poisoning, where attackers manipulate data used by Kedro pipelines.

Furthermore, it may cause cross-project or cross-tenant data access, potentially exposing data from other projects or users.

In environments where Kedro is integrated with automation or orchestration layers, the impact can be broader and more severe, affecting downstream processes.

Compliance Impact

This vulnerability allows unauthorized file reads and cross-project or cross-tenant data access by exploiting path traversal in Kedro version 1.2.0. Such unauthorized access to sensitive data can lead to violations of data protection regulations like GDPR and HIPAA, which mandate strict controls over personal and health information confidentiality and integrity.

Specifically, the ability to access files outside the intended dataset directory without proper authorization can result in exposure of protected data, undermining compliance requirements related to data privacy, access control, and data integrity.
