CVE-2026-29870
Published: 31 March 2026
Summary
CVE-2026-29870 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It ranks at the 28.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly requires validation and normalization of filesystem path inputs such as checkpoint_dir to prevent directory traversal and confine file writes to the intended checkpoint directory.
- SI-2 (Flaw Remediation): mandates timely identification, reporting, and correction of the specific path validation flaw in the save_to_file method of ace/skillbook.py to eliminate the vulnerability.
- Least privilege for the application process: limits the scope and impact of an arbitrary file write to only the resources the process is authorized to touch.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Arbitrary file write via path traversal (CWE-22) on a remotely exploitable app directly enables T1190 (remote app exploitation), T1105 (writing/transferring files to disk), and T1068 (file overwrite for privilege escalation or code execution).
NVD Description
A directory traversal vulnerability in the agentic-context-engine project versions up to 0.7.1 allows arbitrary file writes via the checkpoint_dir parameter in OfflineACE.run. The save_to_file method in ace/skillbook.py fails to normalize or validate filesystem paths, allowing traversal sequences to escape the intended checkpoint directory. This vulnerability allows attackers to overwrite arbitrary files accessible to the application process, potentially leading to application corruption, privilege escalation, or code execution depending on the deployment context.
Deeper analysis
CVE-2026-29870 is a directory traversal vulnerability (CWE-22) affecting the agentic-context-engine project in versions up to 0.7.1. The issue resides in the checkpoint_dir parameter passed to OfflineACE.run, where the save_to_file method in ace/skillbook.py does not properly normalize or validate filesystem paths. This flaw enables attackers to use traversal sequences to escape the intended checkpoint directory and perform arbitrary file writes on files accessible to the application process.
The vulnerability has a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L), indicating it is exploitable over the network with low complexity and requires only low privileges, without user interaction. An authenticated attacker with low privileges can leverage this to overwrite arbitrary files, potentially causing application corruption, privilege escalation, or code execution based on the deployment environment and permissions of the process.
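The following is an added example (not code from the agentic-context-engine project) showing the containment check that the SI-10 control above calls for: a caller-supplied checkpoint_dir is resolved against an operator-configured root before any directory is created or file written, and anything that lands outside that root is rejected. The names `resolve_checkpoint_path`, `save_skillbook_safe` and `demo` are assumptions chosen for illustration.

```python
"""Added example: confining checkpoint writes to an intended root (CWE-22 fix pattern).

Not code from agentic-context-engine; function names are illustrative.
"""
import tempfile
from pathlib import Path


def resolve_checkpoint_path(allowed_root: Path, checkpoint_dir: str, filename: str) -> Path:
    """Return the absolute path a checkpoint write would land on, but only if it
    stays inside allowed_root; raise ValueError otherwise.

    Path.resolve() collapses '..' segments and follows symlinks, so both a
    traversal sequence and a symlinked directory pointing outside the root
    are caught by the containment check.
    """
    root = allowed_root.resolve()
    # Joining an absolute checkpoint_dir onto root discards root entirely,
    # so the containment test below is what actually enforces the boundary.
    candidate = (root / checkpoint_dir / filename).resolve()
    if candidate != root and root not in candidate.parents:
        raise ValueError(f"checkpoint path escapes {root}: {candidate}")
    return candidate


def save_skillbook_safe(allowed_root: Path, checkpoint_dir: str, filename: str, content: str) -> Path:
    """Hardened write: validate the path first, then create directories and write."""
    target = resolve_checkpoint_path(allowed_root, checkpoint_dir, filename)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(content, encoding="utf-8")
    return target


def demo() -> dict:
    """Exercise the check with a normal path and two escape attempts (constructed inputs)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "checkpoints"
        root.mkdir()
        written = save_skillbook_safe(root, "run1", "skillbook.json", '{"skills": []}')
        results["inside"] = written.read_text(encoding="utf-8")
        # Relative traversal and an absolute directory outside the root must both fail.
        for label, bad_dir in (("traversal", "../../etc"), ("absolute", tmp)):
            try:
                resolve_checkpoint_path(root, bad_dir, "skillbook.json")
                results[label] = "allowed"
            except ValueError:
                results[label] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```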
For mitigation details, refer to the security advisory at https://github.com/lilmingwa13/security-research/blob/main/CVE-2026-29870.md, published on 2026-03-31.
Details
- CWE(s)