{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27199", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-18T19:47:02.155Z", "datePublished": "2026-02-21T05:15:53.335Z", "dateUpdated": "2026-02-24T19:02:19.689Z"}, "containers": {"cna": {"title": "Werkzeug safe_join() allows Windows special device names", "problemTypes": [{"descriptions": [{"cweId": "CWE-67", "lang": "en", "description": "CWE-67: Improper Handling of Windows Device Names", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x"}, {"name": "https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d", "tags": ["x_refsource_MISC"], "url": "https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d"}, {"name": "https://github.com/pallets/werkzeug/releases/tag/3.1.6", "tags": ["x_refsource_MISC"], "url": "https://github.com/pallets/werkzeug/releases/tag/3.1.6"}], "affected": [{"vendor": "pallets", "product": "werkzeug", "versions": [{"version": "< 3.1.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-21T05:15:53.335Z"}, "descriptions": [{"lang": "en", "value": "Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safe_join accepts paths with multiple segments, such as example/NUL. The function send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely. This issue has been fixed in version 3.1.6."}], "source": {"advisory": "GHSA-29vq-49wr-vm6x", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T19:02:05.165135Z", "id": "CVE-2026-27199", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T19:02:19.689Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27199", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-24T19:02:05.165135Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T19:02:13.076Z"}}], "cna": {"title": "Werkzeug safe_join() allows Windows special device names", "source": {"advisory": "GHSA-29vq-49wr-vm6x", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "pallets", "product": "werkzeug", "versions": [{"status": "affected", "version": "< 3.1.6"}]}], "references": [{"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x", "name": "https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d", "name": "https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pallets/werkzeug/releases/tag/3.1.6", "name": "https://github.com/pallets/werkzeug/releases/tag/3.1.6", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safe_join accepts paths with multiple segments, such as example/NUL. The function send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely. This issue has been fixed in version 3.1.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-67", "description": "CWE-67: Improper Handling of Windows Device Names"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-21T05:15:53.335Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27199", "state": "PUBLISHED", "dateUpdated": "2026-02-24T19:02:19.689Z", "dateReserved": "2026-02-18T19:47:02.155Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-21T05:15:53.335Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palletsprojects:werkzeug:*:*:*:*:*:*:*:*", "matchCriteriaId": "97FC0575-11B9-4EDE-A4B1-1724FF940BA5", "versionEndExcluding": "3.1.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safe_join accepts paths with multiple segments, such as example/NUL. The function send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely. This issue has been fixed in version 3.1.6."}, {"lang": "es", "value": "Werkzeug es una completa biblioteca de aplicaciones web WSGI. Las versiones 3.1.5 e inferiores, la funci\u00f3n safe_join permite nombres de dispositivos de Windows como nombres de archivo si van precedidos por otros segmentos de ruta. Esto fue reportado previamente como GHSA-hgf8-39gv-g3f2, pero el filtrado a\u00f1adido no tuvo en cuenta el hecho de que safe_join acepta rutas con m\u00faltiples segmentos, como example/NUL. La funci\u00f3n send_from_directory utiliza safe_join para servir archivos de forma segura en rutas especificadas por el usuario bajo un directorio. Si la aplicaci\u00f3n se est\u00e1 ejecutando en Windows, y la ruta solicitada termina con un nombre de dispositivo especial, el archivo se abrir\u00e1 con \u00e9xito, pero la lectura se colgar\u00e1 indefinidamente. Este problema ha sido solucionado en la versi\u00f3n 3.1.6."}], "id": "CVE-2026-27199", "lastModified": "2026-03-03T17:30:17.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-21T06:17:00.710", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/pallets/werkzeug/releases/tag/3.1.6"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-67"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.1.6)"}}], "enrichment": {"confidence": 80.0, "confidence_source": "matching", "scores": [{"score": 80.0, "source": "matching"}]}, "original": {"product": "werkzeug", "source": "cna", "vendor": "pallets"}, "product": "werkzeug", "vendor": "palletsprojects"}], "analysis": {"en": {"generated_at": "2026-04-17T16:54:33.910552+00:00", "value": {"mitigation_remediation": ["Upgrade Werkzeug to version 3.1.6 or later.", "If an immediate upgrade is not possible, modify the file\u2011serving logic to reject paths that end with Windows device names (e.g., NUL, COM1\u2013COM9, LPT1\u2013LPT9) before calling safe_join.", "Alternatively, avoid using send_from_directory on Windows or replace it with a custom handler that performs explicit path validation and does not rely on safe_join."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Werkzeug library, managed by the pallets project. Versions 3.1.5 and earlier are impacted; the issue is fixed in 3.1.6. Applications running on Windows that use Werkzeug\u2019s send_from_directory to serve user\u2011specified file paths are potentially exposed.", "description_and_impact": "Werkzeug\u2019s safe_join function was designed to prevent directory traversal by sanitizing file paths. In versions up to 3.1.5, the function fails to block Windows device names when the path contains multiple segments, such as example/NUL. When a user requests such a path through the send_from_directory helper, the function opens the special device file successfully, but attempts to read from it hang indefinitely. The hanging operation consumes server resources and blocks the request, resulting in a denial\u2011of\u2011service condition for the affected application. No information is provided about data exfiltration or code execution, so the primary consequence is a service outage.", "risk_and_exploitability": "The CVSS score of 6.3 indicates a moderate severity. The EPSS score of <\u00a01% suggests a very low likelihood of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. The exploit requires that the attacker can issue a request to a Werkzeug application running on Windows and that the application uses send_from_directory to serve files. The attack vector is therefore inferred to be remote, over a network or HTTP interface, allowing an adversary to trigger the hang by providing a path ending with a Windows device name such as NUL. Successful exploitation leads to a DoS of the application for the target user, but does not compromise confidentiality or integrity."}}}}, "created": "2026-02-23T14:32:43.195491+00:00", "updated": "2026-04-17T17:00:10.187310+00:00", "vendors": ["palletsprojects", "palletsprojects$PRODUCT$werkzeug"]}