Description
PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdown_table_to_image. This issue has been patched via commit 418491a.
Published: 2026-05-04
Score: 4.6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

PPTAgent, an agentic framework for reflective PowerPoint generation, contains a flaw in the markdown_table_to_image function that enables an attacker to write arbitrary files and create directories on the local file system. This defect, classified as path traversal (CWE‑22), can overwrite existing files, interfere with application behavior, or place malicious content on disk. The description does not indicate that the flaw permits disclosure of existing data, but it allows the attacker to modify or replace files that the agent needs to run properly.

Affected Systems

All deployments of icip‑cas PPTAgent that have not applied commit 418491a are affected. The vulnerability applies to every version using the older markdown_table_to_image routine, regardless of the release date.

Risk and Exploitability

The CVSS 3.1 base score of 4.6 places the issue in the Medium severity band. No EPSS score is available, the SSVC record lists exploitation as "none", and the vulnerability is not listed in the CISA KEV catalog. The published CVSS vector gives a network attack vector that requires low privileges and user interaction (AV:N/PR:L/UI:R), possibly through a crafted request to the generating service; the description does not clarify how attacker-controlled input reaches the function, so the risk depends on an attacker’s capacity to invoke this code path.

Generated by OpenCVE AI on May 4, 2026 at 19:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply patch commit 418491a or later to remove the vulnerable markdown_table_to_image code.
  • Restrict any interfaces that invoke markdown_table_to_image with authentication and strict input validation to prevent unauthorized execution.
  • Enable filesystem monitoring or integrity checks to detect unexpected file or directory creation by PPTAgent.


Advisories

No advisories yet.

History

Mon, 04 May 2026 20:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Icip-cas; Icip-cas pptagent
Vendors & Products | | Icip-cas; Icip-cas pptagent

Mon, 04 May 2026 19:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 04 May 2026 17:15:00 +0000

Type | Values Removed | Values Added
Description | | PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdown_table_to_image. This issue has been patched via commit 418491a.
Title | | PPTAgent: Arbitrary File Write + Directory Creation via markdown_table_to_image
Weaknesses | | CWE-22
References | |
Metrics | | cvssV3_1: {'score': 4.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-04T18:38:50.608Z

Reserved: 2026-04-23T19:17:30.565Z

Link: CVE-2026-42078

Vulnrichment

Updated: 2026-05-04T18:38:42.517Z

NVD

Status: Received

Published: 2026-05-04T17:16:24.740

Modified: 2026-05-04T17:16:24.740

Link: CVE-2026-42078

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T20:00:07Z

Weaknesses