Description
A path traversal vulnerability exists in the awesome-llm-apps project at commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19), in the FastAPI backend of the Beifong AI News and Podcast Agent: the stream-audio endpoint, function stream_audio in routers/podcast_router.py, accepts a user-controlled path parameter and concatenates it into a filesystem path without validation or restriction. An unauthenticated remote attacker can exploit this to read arbitrary files from the server filesystem, potentially disclosing sensitive information such as configuration files and credentials.
Published: 2026-03-27
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote File Read
Action: Immediate Patch
AI Analysis

Impact

A path traversal flaw in the Beifong AI Podcast Agent lets an unauthenticated attacker request a crafted path that bypasses the intended filesystem boundaries and reads any file the server process can access. The vulnerability originates in the stream‑audio endpoint, which concatenates a user‑controlled parameter directly into a file path without validation. This can lead to disclosure of sensitive data such as configuration files, credentials, or other private information stored on the server.

Affected Systems

The vulnerability affects the awesome-llm-apps project maintained by TheUnwindAI (recorded in the CPE as awesome_llm_apps). Any checkout or release containing the vulnerable commit (e46690f99c3f08be80a9877fab52acacf7ab8251, dated 2026‑01‑19) is potentially impacted. The CPE carries no version bound, so no fixed or unaffected release is identified.

Risk and Exploitability

The CVSS 3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) describes a network-reachable, low-complexity, unauthenticated read with high confidentiality impact and no integrity or availability impact. The EPSS value below 1% is an estimate that in-the-wild exploitation is unlikely in the near term; it says nothing about how easy the flaw is to exploit. Absence from CISA's KEV catalog means no confirmed exploitation in the wild has been recorded, not that no exploit exists: the SSVC assessment records Exploitation: poc and Automatable: yes, so a proof of concept is acknowledged and the request is trivially scriptable. The attack vector is a single unauthenticated HTTP request to the stream‑audio endpoint whose path parameter contains a traversal sequence (such as ../), returning the contents of any file the server process can read.

Generated by OpenCVE AI on April 2, 2026 at 23:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a release of awesome-llm-apps that contains a fix for the stream‑audio endpoint once one is published (none is listed at the time of writing).
  • Until then, change the stream‑audio route to canonicalise the requested path and serve it only if it resolves inside the intended audio directory; reject absolute paths, traversal sequences and symlinks that point outside that directory.
  • Require authentication on every endpoint that takes a file path, so the read is no longer reachable anonymously.
  • Review web-server and application logs for requests to the stream‑audio endpoint containing traversal sequences (../ and its percent-encoded forms) and block sources that repeat them.
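The following is an added example of the path check recommended above, written for this page; it is not code from awesome-llm-apps or the Beifong agent, and the function names, the audio base directory and the sample files are assumptions made for the demonstration. It shows the vulnerable concatenation pattern next to a hardened resolver that canonicalises the request and refuses anything that lands outside the base directory, including a symlink planted inside it.

```python
# Added example: hardened path handling for a file-streaming route such as the
# stream-audio endpoint. Not code from awesome-llm-apps or the Beifong agent;
# function names, directory layout and sample files are assumptions.
from __future__ import annotations

import os
import tempfile
from pathlib import Path


class PathTraversalError(ValueError):
    """Raised when a requested path would escape the allowed base directory."""


def unsafe_join(base_dir: Path, user_path: str) -> Path:
    """The vulnerable pattern: user input concatenated onto a base path with
    no normalisation, so '../secret.env' walks straight out of base_dir."""
    return Path(str(base_dir) + "/" + user_path)


def resolve_under_base(base_dir: Path, user_path: str) -> Path:
    """Return the canonical on-disk path for user_path inside base_dir, or
    raise PathTraversalError if it would resolve anywhere else."""
    base = base_dir.resolve(strict=True)            # canonical base, symlinks followed
    if "\x00" in user_path:                          # NUL truncates in C-level open()
        raise PathTraversalError("NUL byte in path")
    if Path(user_path).is_absolute():                # Path(base) / '/etc/passwd' drops base
        raise PathTraversalError(f"absolute path rejected: {user_path!r}")
    # resolve() collapses '..' and follows symlinks, so a plain traversal and a
    # symlink inside base_dir pointing outside are both caught by one check.
    candidate = (base / user_path).resolve(strict=False)
    if not candidate.is_relative_to(base):           # Python 3.9+
        raise PathTraversalError(f"path escapes base directory: {user_path!r}")
    return candidate


def demo() -> dict:
    """Exercise both functions against a constructed directory tree. Returns the
    resolved file name per request (None where rejected) and what the unsafe
    join hands back for a traversal request."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "audio"
        base.mkdir()
        (base / "episode1.mp3").write_bytes(b"ID3 constructed sample")
        (Path(tmp) / "secret.env").write_text("API_KEY=constructed-value")
        try:                                          # symlink inside base, target outside
            os.symlink(Path(tmp) / "secret.env", base / "link.mp3")
            have_symlink = True
        except (OSError, NotImplementedError):
            have_symlink = False

        requests = ["episode1.mp3", "sub/../episode1.mp3", "../secret.env", "/etc/passwd"]
        if have_symlink:
            requests.append("link.mp3")
        results: dict = {}
        for req in requests:
            try:
                results[req] = resolve_under_base(base, req).name
            except PathTraversalError:
                results[req] = None
        if not have_symlink:
            results["link.mp3"] = "skipped"
        # The unsafe join reads the file outside base without complaint.
        results["unsafe_reads"] = unsafe_join(base, "../secret.env").read_text()
        return results


if __name__ == "__main__":
    for req, outcome in demo().items():
        print(f"{req!r:24} -> {outcome!r}")
```

Frameworks such as FastAPI percent-decode the path before the handler sees it, so the check runs on the decoded string; the function above is meant to be called with exactly that value, and the caller should still verify the returned path is a regular file before streaming it.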

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
Title Path Traversal in Beifong AI Podcast Agent Enables Arbitrary File Read

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Theunwindai
Theunwindai awesome Llm Apps
CPEs cpe:2.3:a:theunwindai:awesome_llm_apps:*:*:*:*:*:*:*:*
Vendors & Products Theunwindai
Theunwindai awesome Llm Apps

Mon, 30 Mar 2026 08:15:00 +0000

Type Values Removed Values Added
Title Path Traversal in Beifong AI Podcast Agent Enables Arbitrary File Read
First Time appeared Shubhamsaboo
Shubhamsaboo awesome-llm-apps
Vendors & Products Shubhamsaboo
Shubhamsaboo awesome-llm-apps

Sun, 29 Mar 2026 20:45:00 +0000

Type Values Removed Values Added
Title Path Traversal in Beifong AI News and Podcast Agent Backend Enables Arbitrary File Read
Weaknesses CWE-200

Sat, 28 Mar 2026 03:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 27 Mar 2026 20:30:00 +0000

Type Values Removed Values Added
Title Path Traversal in Beifong AI News and Podcast Agent Backend Enables Arbitrary File Read
Weaknesses CWE-200
CWE-22

Fri, 27 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Description A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19) in the Beifong AI News and Podcast Agent backend in FastAPI backend, stream-audio endpoint, in file routers/podcast_router.py, in function stream_audio. The stream-audio endpoint accepts a user-controlled path parameter that is concatenated into a filesystem path without proper validation or restriction. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary files from the server filesystem, potentially disclosing sensitive information such as configuration files and credentials.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-27T20:26:22.909Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-29871

Vulnrichment

Updated: 2026-03-27T20:25:42.443Z

NVD

Status : Analyzed

Published: 2026-03-27T15:16:52.067

Modified: 2026-04-02T19:38:55.050

Link: CVE-2026-29871

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T09:38:41Z

Weaknesses