{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6855", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2026-04-22T12:20:39.844Z", "datePublished": "2026-04-22T12:29:44.838Z", "dateUpdated": "2026-04-22T18:35:05.305Z"}, "containers": {"cna": {"title": "Instructlab: instructlab: path traversal allows arbitrary directory creation and file write", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to unauthorized data modification or disclosure."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhelai3/bootc-aws-cuda-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:enterprise_linux_ai:3"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhelai3/bootc-azure-cuda-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:enterprise_linux_ai:3"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhelai3/bootc-azure-rocm-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:enterprise_linux_ai:3"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhelai3/bootc-cuda-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:enterprise_linux_ai:3"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhelai3/bootc-gcp-cuda-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:enterprise_linux_ai:3"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhelai3/bootc-rocm-rhel9", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:enterprise_linux_ai:3"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-6855", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460013", "name": "RHBZ#2460013", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2026-04-15T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}], "timeline": [{"lang": "en", "time": "2026-04-15T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-04-15T00:00:00.000Z", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Martin Brodeur (independent security researcher) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-04-22T12:29:44.838Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T18:34:55.991212Z", "id": "CVE-2026-6855", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T18:35:05.305Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to unauthorized data modification or disclosure."}], "id": "CVE-2026-6855", "lastModified": "2026-04-22T13:16:22.410", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "secalert@redhat.com", "type": "Primary"}]}, "published": "2026-04-22T13:16:22.410", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2026-6855"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460013"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T13:34:00.809053+00:00", "value": {"mitigation_remediation": ["Upgrade to a patched version of InstructLab or RHEL\u00a0AI when such a release becomes available.", "Restrict access to the chat session handler and the logs_dir parameter so that only trusted users can invoke it.", "Implement server\u2011side validation or sanitization of the logs_dir input to block traversal sequences and enforce a fixed base directory."], "summary": {"action": "Assess Impact", "impact": "Arbitrary file write and directory creation via path traversal"}, "threat_synthesis": {"affected_systems": "The affected product is Red\u00a0Hat Enterprise Linux\u00a0AI (RHEL\u00a0AI) version\u00a03.", "description_and_impact": "The vulnerability resides in InstructLab\u2019s chat session handler where a local attacker can manipulate the logs_dir parameter to perform a path traversal. This flaw allows creation of new directories and writing files to any location on the system, potentially leading to unauthorized data modification or disclosure. The weakness is characterized as CWE-22 (Path Traversal).", "risk_and_exploitability": "The CVSS score of 7.1 indicates a moderate severity; the EPSS score is currently unavailable and the issue is not listed in CISA KEV. The likely attack vector is local; an attacker with sufficient privileges to access the chat session handler can supply crafted logs_dir values to cause arbitrary file write or directory creation. No official patch or workaround is available at this time, so the risk persists until a vendor fix is released or mitigations are applied."}}}}, "created": "2026-04-22T13:45:18.273610+00:00", "updated": "2026-04-22T13:45:18.273635+00:00", "vendors": []}