Description
Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7, the `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passing it to the file store. An authenticated user with DAG write permissions can write arbitrary YAML files anywhere on the filesystem (limited by the process permissions). Since dagu executes DAG files as shell commands, writing a malicious DAG to the DAGs directory of another instance or overwriting config files can lead to remote code execution. Commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4 fixes the issue.
Published: 2026-02-25
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

An authenticated user with DAG write permissions can specify arbitrary DAG names, allowing the CreateNewDAG endpoint to write YAML files anywhere on the filesystem within the process's permissions. This path traversal flaw permits writing malicious DAG files that, once executed, can run arbitrary shell commands. In addition, an attacker could overwrite the DAGs of another instance or modify configuration files, leading to remote code execution.
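The name-handling flaw described above, shown as an added Go example that is not dagu's own code: an unvalidated join of the caller-supplied DAG name onto the DAGs directory beside a hardened version that allowlists the name and verifies the resolved path stays inside the directory. The function names, the allowlist pattern and the sample directory are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// validDAGName is an assumed allowlist for DAG names (dagu's actual rules are not
// reproduced here). An allowlist without separators is easier to reason about
// than a denylist that tries to spot ".." in every encoding.
var validDAGName = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_.-]{0,127}$`)

// unsafeDAGPath mirrors the flaw class in CVE-2026-27598: the name is joined onto
// the DAGs directory with no validation. filepath.Join cleans the result, so a
// name starting with "../" simply resolves to a location outside dagsDir.
func unsafeDAGPath(dagsDir, name string) string {
	return filepath.Join(dagsDir, name+".yaml")
}

// safeDAGPath is the hardened form: reject anything outside the allowlist, then
// independently confirm the absolute target is a child of the DAGs directory.
func safeDAGPath(dagsDir, name string) (string, error) {
	if !validDAGName.MatchString(name) {
		return "", fmt.Errorf("invalid DAG name %q", name)
	}
	base, err := filepath.Abs(dagsDir)
	if err != nil {
		return "", err
	}
	target, err := filepath.Abs(filepath.Join(base, name+".yaml"))
	if err != nil {
		return "", err
	}
	// Containment via Rel, not a string prefix: "/var/dagu/dags-old" must not pass
	// for base "/var/dagu/dags".
	rel, err := filepath.Rel(base, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errors.New("DAG path escapes the DAGs directory")
	}
	return target, nil
}

func main() {
	dir := "/var/dagu/dags" // assumed DAGs directory
	for _, n := range []string{"nightly-backup", "../../outside/escaped", "/tmp/x"} {
		p, err := safeDAGPath(dir, n)
		fmt.Printf("name=%q unsafe=%s safe=%q err=%v\n", n, unsafeDAGPath(dir, n), p, err)
	}
}
```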

Affected Systems

The vulnerability affects the dagu workflow engine provided by dagu-org. Versions up to and including 1.16.7 are impacted. The flaw resides in the API endpoint that creates new DAGs. The underlying file system permissions of the instance determine how far the attacker can write files.

Risk and Exploitability

The CVSS base score of 7.1 indicates high severity, while the EPSS value of less than 1% reflects a very low current likelihood of exploitation. The vulnerability is not listed in CISA's KEV catalog. Exploitation requires authentication to the API with DAG write rights, and the reach of the file write is bounded by the file system privileges granted to the dagu process. Once the attacker writes a malicious YAML file, execution of that file through the engine can lead to arbitrary code execution on the host.

Generated by OpenCVE AI on April 17, 2026 at 15:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch from commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4 or upgrade to dagu v1.16.8 or newer
  • Restrict DAG write permissions to only trusted administrator accounts, revoking write access from other users
  • Run dagu with the minimal file system privileges necessary, ensuring it cannot write beyond the intended directories

Advisories
Source | ID | Title
GitHub GHSA | GHSA-6v48-fcq6-ff23 | Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory
History

Wed, 25 Feb 2026 20:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Dagu; Dagu dagu
CPEs | | cpe:2.3:a:dagu:dagu:*:*:*:*:*:*:*:*
Vendors & Products | | Dagu; Dagu dagu
Metrics | | cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}


Wed, 25 Feb 2026 12:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Dagu-org; Dagu-org dagu
Vendors & Products | | Dagu-org; Dagu-org dagu

Wed, 25 Feb 2026 01:00:00 +0000

Type | Values Removed | Values Added
Description | | Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7, the `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passing it to the file store. An authenticated user with DAG write permissions can write arbitrary YAML files anywhere on the filesystem (limited by the process permissions). Since dagu executes DAG files as shell commands, writing a malicious DAG to the DAGs directory of another instance or overwriting config files can lead to remote code execution. Commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4 fixes the issue.
Title | | Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory
Weaknesses | | CWE-22
References | |
Metrics | | cvssV4_0 {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-26T21:02:19.359Z

Reserved: 2026-02-20T19:43:14.602Z

Link: CVE-2026-27598

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-02-25T01:16:09.157

Modified: 2026-06-17T10:27:22.060

Link: CVE-2026-27598

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T15:45:15Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')