CVE-2026-15331
Received Received - Intake

Path Traversal in CowAgent Skill Installation Handler

Vulnerability report for CVE-2026-15331, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: VulDB

Description

A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function _add_url/_add_package of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated remotely. Upgrading to version 2.1.2 is sufficient to fix this issue. The identifier of the patch is e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. It is advisable to upgrade the affected component.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-10
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
zhayujie cowagent to 2.1.0|start_including=2.1.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-15331 is a path traversal vulnerability in the CowAgent software up to version 2.1.0. It affects the skill installation process, specifically the functions _add_url and _add_package in the file agent/skills/service.py. An attacker with cloud skill-management privileges can supply a malicious skill name containing path traversal sequences (like "../") which causes the system to write extracted skill content outside the intended skills directory. This improper validation allows files to be placed in directories outside the designated installation root, breaking isolation and potentially enabling unauthorized file overwrites or tampering.

Impact Analysis

This vulnerability can allow an authenticated attacker with cloud skill-management privileges to write files outside the intended skills directory. This can lead to unauthorized overwriting of files, tampering with the persistent state of the agent, or setting up further attacks by placing malicious files in adjacent directories. Such actions can compromise the integrity and security of the system running CowAgent.

Detection Guidance

This vulnerability involves path traversal in the skill installation process of CowAgent, triggered by supplying malicious skill names containing path traversal sequences such as "../". Detection can focus on monitoring for unusual or unauthorized skill installation requests that include such sequences.

Specifically, you can inspect logs or network traffic for SKILL add messages containing path traversal patterns in the skill name parameter.

  • Check application logs for skill installation requests with names containing '../' or absolute paths.
  • Use command-line tools like grep to search for suspicious skill names in logs, e.g., `grep -r "../" /path/to/cowagent/logs`.
  • Monitor network traffic for SKILL add messages with suspicious payloads using tools like tcpdump or Wireshark, filtering for relevant API endpoints or ports.

Since the vulnerability requires authenticated cloud skill-management privileges, auditing user actions and permissions related to skill installation can also help detect potential exploitation attempts.

Mitigation Strategies

The primary and recommended mitigation is to upgrade CowAgent to version 2.1.2 or later, which includes a fix that validates skill names to prevent path traversal.

The fix introduces a function that rejects skill names containing '..', absolute paths, or any resolved path outside the designated skills directory, effectively blocking exploitation.

  • Upgrade CowAgent to version 2.1.2 or newer.
  • If immediate upgrade is not possible, restrict or disable cloud skill-management features to limit exposure.
  • Audit and monitor skill installation requests for suspicious path traversal patterns.

Applying these steps will help prevent attackers from exploiting the path traversal vulnerability to write files outside the intended directory.

Compliance Impact

The provided information does not include any details about how the CVE-2026-15331 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15331. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart