{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2216", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-08T08:32:27.048Z", "datePublished": "2026-02-09T05:02:06.373Z", "dateUpdated": "2026-02-23T09:56:58.204Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T09:56:58.204Z"}, "title": "rachelos WeRSS we-mp-rss tools.py download_export_file path traversal", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "Path Traversal"}]}], "affected": [{"vendor": "rachelos", "product": "WeRSS we-mp-rss", "versions": [{"version": "1.4.0", "status": "affected"}, {"version": "1.4.1", "status": "affected"}, {"version": "1.4.2", "status": "affected"}, {"version": "1.4.3", "status": "affected"}, {"version": "1.4.4", "status": "affected"}, {"version": "1.4.5", "status": "affected"}, {"version": "1.4.6", "status": "affected"}, {"version": "1.4.7", "status": "affected"}, {"version": "1.4.8", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in rachelos WeRSS we-mp-rss up to 1.4.8. Impacted is the function download_export_file of the file apis/tools.py. Executing a manipulation of the argument filename can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-02-08T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-08T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-09T08:53:26.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "din4 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.344933", "name": "VDB-344933 | rachelos WeRSS we-mp-rss tools.py download_export_file path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.344933", "name": "VDB-344933 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.752763", "name": "Submit #752763 | rachelos WeRSS WeRSS<=1.4.8 Pathname Traversal", "tags": ["third-party-advisory"]}, {"url": "https://www.notion.so/WeRSS-Path-Traversal-Vulnerability-Leads-to-Arbitrary-File-Read-2feea92a3c41804da1f1f5ddbf86e655", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-09T16:08:06.567344Z", "id": "CVE-2026-2216", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T16:08:32.285Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2216", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-09T16:08:06.567344Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T16:08:11.016Z"}}], "cna": {"title": "rachelos WeRSS we-mp-rss tools.py download_export_file path traversal", "credits": [{"lang": "en", "type": "reporter", "value": "din4 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "rachelos", "product": "WeRSS we-mp-rss", "versions": [{"status": "affected", "version": "1.4.0"}, {"status": "affected", "version": "1.4.1"}, {"status": "affected", "version": "1.4.2"}, {"status": "affected", "version": "1.4.3"}, {"status": "affected", "version": "1.4.4"}, {"status": "affected", "version": "1.4.5"}, {"status": "affected", "version": "1.4.6"}, {"status": "affected", "version": "1.4.7"}, {"status": "affected", "version": "1.4.8"}]}], "timeline": [{"lang": "en", "time": "2026-02-08T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-02-08T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-02-09T08:53:26.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.344933", "name": "VDB-344933 | rachelos WeRSS we-mp-rss tools.py download_export_file path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.344933", "name": "VDB-344933 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.752763", "name": "Submit #752763 | rachelos WeRSS WeRSS<=1.4.8 Pathname Traversal", "tags": ["third-party-advisory"]}, {"url": "https://www.notion.so/WeRSS-Path-Traversal-Vulnerability-Leads-to-Arbitrary-File-Read-2feea92a3c41804da1f1f5ddbf86e655", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in rachelos WeRSS we-mp-rss up to 1.4.8. Impacted is the function download_export_file of the file apis/tools.py. Executing a manipulation of the argument filename can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Path Traversal"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T09:56:58.204Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2216", "state": "PUBLISHED", "dateUpdated": "2026-02-23T09:56:58.204Z", "dateReserved": "2026-02-08T08:32:27.048Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-02-09T05:02:06.373Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in rachelos WeRSS we-mp-rss up to 1.4.8. Impacted is the function download_export_file of the file apis/tools.py. Executing a manipulation of the argument filename can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used."}, {"lang": "es", "value": "Se ha encontrado un fallo en rachelos WeRSS we-mp-rss hasta la versi\u00f3n 1.4.8. La funci\u00f3n afectada es download_export_file del archivo apis/tools.py. La ejecuci\u00f3n de una manipulaci\u00f3n del argumento filename puede conducir a un salto de ruta. El ataque puede lanzarse de forma remota. El exploit ha sido publicado y puede ser utilizado."}], "id": "CVE-2026-2216", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-09T06:16:24.600", "references": [{"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.344933"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.344933"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.752763"}, {"source": "cna@vuldb.com", "url": "https://www.notion.so/WeRSS-Path-Traversal-Vulnerability-Leads-to-Arbitrary-File-Read-2feea92a3c41804da1f1f5ddbf86e655"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-17T21:36:20.961735+00:00", "value": {"mitigation_remediation": ["Apply the latest patch for rachelos WeRSS we-mp-rss to eliminate the vulnerable download_export_file code and ensure proper filename validation.", "If a patch cannot be applied immediately, restrict access to the download_export_file endpoint by whitelisting trusted IP addresses or requiring authentication that limits usage to internal users.", "Enforce strict file\u2010system permissions so that the application only has read access to its designated data directory, preventing it from reading other host files even if traversal succeeds."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary File Read via Path Traversal"}, "threat_synthesis": {"affected_systems": "Versions of rachelos WeRSS we-mp-rss up to 1.4.8 are affected. The flaw resides in the download_export_file endpoint of api/tools.py. Systems running these versions, regardless of whether the application is exposed to the internet or an internal network, are at risk when the API is reachable. Updating to a patched version beyond 1.4.8 removes the vulnerable code path.", "description_and_impact": "An attacker can manipulate the filename argument supplied to the download_export_file function in the tools.py module of the WeRSS we-mp-rss application. By providing a crafted value that contains directory traversal sequences, the function resolves to files outside its intended directory and returns their contents. This flaw allows arbitrary file read, potentially exposing sensitive configuration files, credentials, or confidential data. The vulnerability is classified as CWE-22 and is exploitable remotely via the exposed HTTP API.", "risk_and_exploitability": "The CVSS base score of 5.3 indicates moderate severity, but the path traversal flaw is remotely exploitable and an exploit has already been published. The EPSS score is below 1%, indicating a relatively low likelihood of widespread exploitation at the current time. However, because the flaw can drive reading of arbitrary files, an attacker can obtain highly sensitive data if the application runs with elevated permissions or accesses secure directories. The vulnerability is not listed in CISA's KEV catalog, so no known widespread exploitation has been reported yet."}}}}, "created": "2026-02-09T10:39:11.350007+00:00", "title": "Path Traversal in WeRSS we-mp-rss download_export_file Function", "updated": "2026-04-17T21:45:28.626849+00:00", "vendors": ["rachelos", "rachelos$PRODUCT$werss_we-mp-rss"]}