## https://sploitus.com/exploit?id=A56603B7-BB99-58E1-9B86-2839E9FBC459
# CVE-2026-54520
`ai-agent-automation` workflow file step path traversal allowed read/write outside the expected directory.
**Primary advisory:** [GHSA-cm8g-8jfq-887p](https://github.com/vmDeshpande/ai-agent-automation/security/advisories/GHSA-cm8g-8jfq-887p)
**Researcher credit:** [@chaitanyagarware](https://github.com/chaitanyagarware)
## At a Glance
| Field | Value |
| --- | --- |
| CVE | `CVE-2026-54520` |
| GHSA | `GHSA-cm8g-8jfq-887p` |
| Project | `vmDeshpande/ai-agent-automation` |
| Package | `backend` |
| Ecosystem | npm |
| Severity | High |
| CVSS | 8.1, `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N` |
| Weakness | `CWE-22` |
| Published | GitHub repository advisory: 2026-06-05 |
| Patched version | `v0.9.1` |
| Public database status | GitHub repository advisory published; CVE.org, NVD, and OSV did not return records as of 2026-07-09 |
## Summary
The workflow file step accepted a user-controlled `step.path` and resolved it against `process.cwd()` before reading or writing files. Because the backend did not enforce that the final resolved path stayed inside a safe workflow directory, traversal sequences could escape the expected filesystem boundary.
The affected component was `backend/src/agents/executor.js`.
## Affected Versions
| Package | Affected |
| --- | --- |
| `backend` | `<= 0.8.0` |
## Fixed Versions
| Package | Fixed |
| --- | --- |
| `backend` | `v0.9.1` |
## Public Database Coverage
| Source | Status | Link |
| --- | --- | --- |
| GitHub repository advisory | Published | [GHSA-cm8g-8jfq-887p](https://github.com/vmDeshpande/ai-agent-automation/security/advisories/GHSA-cm8g-8jfq-887p) |
| CVE.org | Not indexed yet | [CVE detail](https://vulners.com/cve/CVE-2026-54520) |
| NVD | Not indexed yet | [NVD detail](https://nvd.nist.gov/vuln/detail/CVE-2026-54520) |
| OSV | Not indexed yet | [OSV lookup](https://osv.dev/vulnerability/CVE-2026-54520) |
## Additional Public Mentions Found
- `chaitanyagarware/chaitanyagarware` profile README references this CVE/GHSA.
- `chaitanyagarware/chaitanyagarware.github.io` references this CVE/GHSA.
- No broader GitHub issue/repo search results were returned for the exact CVE/GHSA terms during the 2026-07-09 sweep.
## Disclosure Note
This repository is a public index and portfolio landing page. It intentionally summarizes the vulnerability and links to authoritative records instead of copying full proof-of-concept exploit scripts.