Description
prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing server-side filename validation to inject path traversal sequences ../ into skill file archives, which when extracted by vulnerable tools write files outside the intended directory and overwrite shell initialization files to achieve code execution.
Published: 2026-04-03
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

Prompts.chat's skill file handling lacks server-side validation of archive member names, so an attacker can place directory traversal sequences (../) in the filenames of a skill's ZIP archive. A client tool that extracts such an archive by joining each member name onto its destination directory writes files outside that directory, including over shell initialization files such as .bashrc or .zshrc, which gives the attacker arbitrary code execution on the client the next time a shell starts. This is the ZIP Slip variant of path traversal (CWE-22).

Affected Systems

The vulnerability affects all builds of prompts.chat (the f/prompts.chat project) that predate the fixing commit 0f8d4c381abd7b2d7478c9fdee9522149c2d65e5. Deployments running a build without this commit are affected.

Risk and Exploitability

The CVSS v4.0 base score of 8.6 (CVSS v3.1: 8.1) rates the flaw high severity. Both vectors are network-reachable, low complexity and need no privileges, but require user interaction (UI:R in v3.1, UI:P in v4.0): a victim has to obtain and extract the malicious skill archive. The EPSS score below 1% indicates a low observed probability of exploitation so far, and the CVE is not listed in the CISA KEV catalog, but the SSVC assessment records Exploitation: poc, meaning proof-of-concept code exists. Exploitation requires the attacker to get traversal sequences into the member names of a skill archive, which the server does not validate, and then a client to extract that archive with a tool that does not check where each member lands.

Generated by OpenCVE AI on April 13, 2026 at 19:27 UTC.

Remediation

No vendor advisory or workaround is recorded in the CVE entry; the description itself identifies commit 0f8d4c3 as the fixing change.

OpenCVE Recommended Actions

  • Update Prompts.chat to the patched commit (0f8d4c381abd7b2d7478c9fdee9522149c2d65e5) or later releases.
  • If an update is not immediately available, disable or remove the ability to upload untrusted skill files from the application.
  • Make the extraction routine resolve each member's full path (after normalization and symlink resolution) and refuse the whole archive unless every member stays inside the destination directory; a substring check for "../" alone misses absolute names, backslash separators and symlink members.
  • Monitor logs for failed or anomalous file extraction attempts and alert administrators if malicious payloads are detected.
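The checks in the bullets above, worked through end to end. This is an added example written for this page in Python; it is not prompts.chat's code, and the advisory does not state which language or extraction tool the project uses. It pairs a constructed archive containing one traversal member with the naive join-and-write extractor the advisory describes, a server-side member-name filter of the kind the description says is missing, and a client-side extractor that resolves each member's path and rejects the whole archive if any member escapes. The directory layout, file names and marker content are illustrative.

```python
import io
import os
import posixpath
import stat
import tempfile
import zipfile


def build_malicious_skill_zip() -> bytes:
    """Constructed sample: a benign skill file plus one member whose name climbs
    out of the extraction directory. Name and content are illustrative only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("SKILL.md", "# demo skill\n")
        zf.writestr("../../.bashrc", "echo marker-from-malicious-skill\n")
    return buf.getvalue()


def is_safe_member_name(name: str) -> bool:
    """Server-side check to apply before a filename is accepted into a skill
    archive: non-empty, no NUL, forward slashes only, relative, and still
    inside the archive root after POSIX normalisation."""
    if not name or "\0" in name or "\\" in name or posixpath.isabs(name):
        return False
    norm = posixpath.normpath(name)
    return norm not in (".", "..") and not norm.startswith("../")


def extract_naive(archive: bytes, dest: str) -> list[str]:
    """Vulnerable extractor (the pattern the advisory describes): the member
    name is joined onto dest with no check on where the result lands."""
    written = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def safe_member_path(dest: str, info: zipfile.ZipInfo) -> str:
    """Client-side check: the string filter above, plus a check on the resolved
    path, so absolute names, backslashes and ".." hidden behind other
    components are all caught even if the string filter is bypassed. Symlink
    members are refused because a later member could be written through one."""
    name = info.filename
    if not is_safe_member_name(name):
        raise ValueError(f"unsafe member name: {name!r}")
    if stat.S_ISLNK(info.external_attr >> 16):
        raise ValueError(f"symlink member refused: {name!r}")
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, name))
    if os.path.commonpath([dest_real, target]) != dest_real:
        raise ValueError(f"member escapes destination: {name!r}")
    return target


def extract_safe(archive: bytes, dest: str) -> list[str]:
    """Hardened extractor: validate every member before writing anything, so
    one bad entry rejects the whole archive rather than leaving a partial
    extraction on disk."""
    written = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        plan = [(info, safe_member_path(dest, info)) for info in zf.infolist()]
        for info, target in plan:
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(target)
    return written


def demo() -> dict:
    """Run both extractors against the constructed archive in a scratch tree
    laid out as <root>/home/user/skills and report what escaped."""
    archive = build_malicious_skill_zip()
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        dest = os.path.join(root, "home", "user", "skills")
        os.makedirs(dest)
        outside = [
            os.path.relpath(p, root)
            for p in extract_naive(archive, dest)
            if os.path.commonpath([dest, p]) != dest
        ]
        try:
            safe_written = extract_safe(archive, dest)
            safe_error = None
        except ValueError as exc:
            safe_written, safe_error = [], str(exc)
    return {"naive_wrote_outside": outside,
            "safe_written": safe_written,
            "safe_error": safe_error}
```

Calling demo() shows the naive extractor dropping a file at home/.bashrc, two levels above the skills directory, while the hardened extractor rejects the archive before writing anything. Two design points carry the weight: validating all members before the first write avoids a half-extracted archive, and refusing symlink members closes the variant where an earlier member plants a link that a later member is written through.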


Advisories

No advisories yet.

History

Mon, 13 Apr 2026 18:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Fka; Fka prompts.chat
CPEs | | cpe:2.3:a:fka:prompts.chat:*:*:*:*:*:*:*:*
Vendors & Products | | Fka; Fka prompts.chat

Tue, 07 Apr 2026 00:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | F; F prompts.chat
Vendors & Products | | F; F prompts.chat

Mon, 06 Apr 2026 16:45:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 03 Apr 2026 21:30:00 +0000

Type | Values Removed | Values Added
Description | | (the CVE description shown at the top of this page)
Title | | prompts.chat Path Traversal via Skill File Handling
Weaknesses | | CWE-22
References | |
Metrics | | cvssV3_1 {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}; cvssV4_0 {'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-06T15:55:44.782Z

Reserved: 2026-01-08T19:04:26.364Z

Link: CVE-2026-22661

Vulnrichment

Updated: 2026-04-06T15:55:36.476Z

NVD

Status : Analyzed

Published: 2026-04-03T21:17:08.970

Modified: 2026-04-13T18:23:32.647

Link: CVE-2026-22661

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-14T16:41:46Z

Weaknesses