Description
A security vulnerability has been detected in griptape-ai griptape 0.19.4. Affected by this vulnerability is the function load_files_from_disk/list_files_from_disk/save_content_to_file/save_memory_artifacts_to_disk of the component FileManagerTool. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-05
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote path traversal enabling arbitrary file access
Action: Immediate Patch
AI Analysis

Impact

The vulnerability resides in the FileManagerTool component of the griptape-ai griptape library, allowing attackers to craft requests that cause the tool to read from or write to files outside of the intended directory. This occurs through manipulation of functions such as load_files_from_disk, list_files_from_disk, save_content_to_file, and save_memory_artifacts_to_disk. The outcome is the potential for an adversary to expose sensitive data or place malicious files, which could later be leveraged for further compromise. The weakness is a classic path traversal flaw, identified by CWE-22, and is observable from a remote context as the exploit can be triggered without local user interaction.

Affected Systems

This issue affects the griptape-ai griptape library, specifically the FileManagerTool component in version 0.19.4. Users who are running this exact version or derive it from the same codebase are susceptible. The scope does not extend to other versions unless they include the same vulnerable functions without proper sanitization.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate risk; the lack of an available EPSS score means exploit likelihood data is currently unknown. Since the vulnerability can be exploited from outside the host, it poses a significant threat to confidentiality and integrity. While the CVE notes that the exploit has been publicly disclosed and may be used, the specific impact could range from data exposure to arbitrary code execution if the written files can be executed by the application or system. The absence from the CISA KEV catalog suggests it is not a known exploited vulnerability yet, but the potential severity warrants precaution.

Generated by OpenCVE AI on April 5, 2026 at 21:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade griptape to a version that resolves the path traversal flaw if a newer release is available.
  • If an update is not possible, disable or intercept calls to FileManagerTool’s file operations so that no arbitrary paths can be used.
  • Restrict the directories that the application is allowed to access, for example by using a whitelist of safe paths or by running the application in a sandboxed environment.
  • Verify that any user-supplied paths are validated and normalized before being passed to the FileManagerTool.
  • Monitor file system logs for unexpected writes or reads that could indicate an exploitation attempt.

Generated by OpenCVE AI on April 5, 2026 at 21:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Griptape-ai
Griptape-ai griptape
Vendors & Products Griptape-ai
Griptape-ai griptape

Mon, 06 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sun, 05 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in griptape-ai griptape 0.19.4. Affected by this vulnerability is the function load_files_from_disk/list_files_from_disk/save_content_to_file/save_memory_artifacts_to_disk of the component FileManagerTool. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title griptape-ai griptape FileManagerTool save_memory_artifacts_to_disk path traversal
Weaknesses CWE-22
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Griptape-ai Griptape
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-06T14:50:16.472Z

Reserved: 2026-04-05T05:16:55.437Z

Link: CVE-2026-5595

cve-icon Vulnrichment

Updated: 2026-04-06T14:33:55.839Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-05T20:16:03.303

Modified: 2026-04-07T13:20:35.010

Link: CVE-2026-5595

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-06T21:56:24Z

Weaknesses