CVE-2026-46336
Received Received - Intake

Path Traversal in Manyfold 3D Model Manager

Vulnerability report for CVE-2026-46336, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: GitHub, Inc.

Description

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. From 0.96.0 until 0.140.0, authenticated users can rename uploaded files with path traversal sequences because app/models/model_file.rb uses the user-controlled filename in File.join(model.path, filename) without sufficient sanitization, allowing files to be moved or written outside the configured library directory. This issue is fixed in version 0.140.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-16
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
manyfold3d manyfold From 0.96.0 (inc) to 0.140.0 (inc)
manyfold3d manyfold 0.140.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CWE-73 The product allows user input to control or influence paths or file names that are used in filesystem operations.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a path traversal issue in Manyfold, an open-source 3D model management application. Between versions 0.96.0 and 0.140.0, authenticated users could rename uploaded files using path traversal sequences (like ../../../) to move or write files outside the intended library directory. The flaw occurs because filenames are not properly sanitized before being used in filesystem paths.

Detection Guidance

Check Manyfold version with: docker exec manyfold_app cat /app/VERSION or grep version /app/Gemfile.lock. If version is between 0.96.0 and 0.139.0, the system is vulnerable. Review file rename logs for suspicious paths containing ../ or absolute paths.

Impact Analysis

An attacker with authenticated access could exploit this to overwrite system files, access restricted directories, or manipulate files outside the application's storage location. This could lead to data corruption, unauthorized file access, or potential system compromise depending on the attacker's goals.

Compliance Impact

This vulnerability could violate compliance requirements by allowing unauthorized access to sensitive data or system files. For GDPR, it may lead to unauthorized data exposure. For HIPAA, it could permit access to protected health information. Organizations using affected versions may face compliance violations and potential legal consequences.

Mitigation Strategies

Upgrade Manyfold to version 0.140.0 or later immediately. Apply the patch from pull request #6122 if upgrading is not immediately possible. Restrict file rename permissions to trusted users only.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46336. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart