PYSEC-2026-2794

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/openchatbi/PYSEC-2026-2794.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-2794
Aliases
Published
2026-07-13T14:36:40.268691Z
Modified
2026-07-13T16:31:59.828600510Z
Severity
  • 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
OpenChatBI has a Path Traversal Vulnerability in save_report Tool
Details

Impact

The save_report tool in openchatbi/tool/save_report.py suffers from a critical path traversal vulnerability due to insufficient input sanitization of the file_format parameter.

The function only removes leading dots of file_format using file_format.lstrip(".") but allows path traversal sequences like /../../ to pass through unchanged. When the filename is constructed via string concatenation in

f"{timestamp}_{clean_title}.{file_format}"

malicious path sequences are preserved, enabling attackers to write files outside the designated report directory.

An attacker can manipulate the LLM to call the tool with a specific file_format to overwrite critical system files like __init__.py, potentially leading to remote code execution.

Patches

  • Affected versions: <=0.2.1
  • Patched versions: 0.2.2 (includes fix from PR #12: https://github.com/zhongyu09/openchatbi/pull/12)

Workarounds

No

References

  • Issue #10: https://github.com/zhongyu09/openchatbi/issues/10
  • PR #12: https://github.com/zhongyu09/openchatbi/pull/12
References

Affected packages

PyPI / openchatbi

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.2

Affected versions

0.*
0.0.1
0.1.0
0.1.1
0.2.0
0.2.1

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/openchatbi/PYSEC-2026-2794.yaml"