Cyber Resilience

CVE-2026-42075

High

Published: 04 May 2026

Published
04 May 2026
Modified
07 May 2026
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS Score 0.0057 42.8th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-42075 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Ingress Tool Transfer (T1105); ranked at the 42.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-42075 is a path traversal vulnerability (CWE-22) affecting Evolver, a GEP-powered self-evolving engine for AI agents, in versions prior to 1.69.3. The issue resides in the skill download (fetch) command, where the --out= flag accepts user-provided paths without validation. This allows attackers to specify paths that traverse directories, enabling writes to arbitrary locations on the filesystem, such as overwriting critical system files or creating files in sensitive directories. The vulnerability carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).

Attackers with low privileges (PR:L) can exploit this over the network (AV:N) with low complexity and no user interaction required. By providing a malicious path to the --out= flag during execution of the fetch command, such as one using directory traversal sequences (e.g., ../), they can achieve arbitrary file writes. This results in high integrity (I:H) and availability (A:H) impacts, potentially disrupting system operations or escalating control through file manipulation, though no confidentiality impact is present.

The vulnerability has been patched in Evolver version 1.69.3, as detailed in the project's GitHub release notes and security advisories (GHSA-r466-rxw4-3j9j). Security practitioners should upgrade to 1.69.3 or later to mitigate the issue, and review usage of the fetch command's --out= flag in automated or user-controlled environments.

Evolver's role as a self-evolving engine for AI agents introduces relevance to AI/ML deployments, where untrusted skill downloads could amplify risks in agentic workflows. No public evidence of real-world exploitation is available as of the CVE publication on 2026-05-04.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download (fetch) command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths…

more

without validation, enabling directory traversal attacks that can overwrite critical system files or create files in sensitive location. This issue has been patched in version 1.69.3.

CWE(s)

AI Security AnalysisAI

AI Category
AI Agent Protocols and Integrations
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1105 Ingress Tool Transfer Command And Control
Adversaries may transfer tools or other files from an external system into a compromised environment.
T1053 Scheduled Task/Job Execution
Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code.
T1543 Create or Modify System Process Persistence
Adversaries may create or modify system-level processes to repeatedly execute malicious payloads as part of persistence.
T1685 Disable or Modify Tools Defense Impairment
Adversaries may disable, degrade, or tamper with security tools or applications (e.
Why these techniques?

Path traversal in the skill fetch --out= flag provides an arbitrary file write primitive on the target filesystem. This directly enables placement of attacker-controlled files for tool ingress (T1105), writing cron/systemd/scheduled-task definitions (T1053), creation or modification of persistent system processes/services (T1543), and overwriting security-tool binaries or configuration files (T1562).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7216Shared CWE-22
CVE-2026-25592Shared CWE-22
CVE-2026-7811Shared CWE-22
CVE-2026-40576Shared CWE-22
CVE-2026-7237Shared CWE-22
CVE-2026-7788Shared CWE-22
CVE-2026-7386Shared CWE-22
CVE-2025-68145Shared CWE-22
CVE-2026-39981Shared CWE-22
CVE-2026-7319Shared CWE-22

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates validation of user-provided paths in the --out= flag to block directory traversal sequences like ../.

prevent

Requires identification, reporting, and patching of the specific path traversal flaw fixed in Evolver version 1.69.3.

prevent

Enforces least privilege to restrict low-privileged (PR:L) attackers from writing to or overwriting critical system files outside intended directories.

References