CVE-2026-21851
Published 2026-01-07
Priority P4 (30) · Severity: medium · CVSS 3.1 base score: 5.3
CVSS 3.1 vector: AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS: 0.31% (22.8th percentile)
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.1, a Path Traversal (Zip Slip) vulnerability exists in MONAI's `_download_from_ngc_private()` function. The function uses `zipfile.ZipFile.extractall()` without path validation, while other similar download functions in the same codebase properly use the existing `safe_extract_member()` function. Commit 4014c8475626f20f158921ae0cf98ed259ae4d59 fixes this issue.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| project-monai | monai | <= 1.5.1 | — |
| project-monai | monai | >= 0 < 1.5.2 | 1.5.2 |
OSV · 2026-01-06
CVE-2026-21851 [MEDIUM] MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download
## Summary
A **Path Traversal (Zip Slip)** vulnerability exists in MONAI's `_download_from_ngc_private()` function. The function uses `zipfile.ZipFile.extractall()` without path validation, while other similar download functions in the same codebase properly use the existing `safe_extract_member()` function.
This appears to be an implementation oversight, as safe extraction is already implemented and used elsewhere in MONAI.
**CWE:** CWE-22 (Improper Limitation of a Pathname to a Restricted Directory)
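The mitigation the advisory describes is to resolve each archive member's destination and refuse any member that lands outside the target directory. The page names MONAI's `safe_extract_member()` but does not show its body, so the following is an added, independent implementation of that check (not MONAI's code, and not the fix commit). Member names such as `../../escape.txt` and `/absolute.txt`, the `bundles/model` destination and the `demo()` helper are constructed for illustration. Unlike a per-member check, `safe_extractall()` validates the whole archive before the first write, so a rejected archive leaves the destination untouched rather than half-extracted.

```python
"""Zip Slip (CWE-22) check for ZIP extraction.

Added example, not MONAI's code: every member's resolved target path must stay
inside the destination directory, and nothing is written until every member
has passed that check.
"""
import io
import os
import tempfile
import zipfile
from pathlib import Path


class ZipSlipError(ValueError):
    """An archive member would be written outside the destination directory."""


def member_target(dest_dir, member_name: str) -> Path:
    """Resolve where a member would land; raise ZipSlipError if it escapes dest_dir."""
    dest = Path(dest_dir).resolve()
    # Path.__truediv__ discards `dest` when member_name is absolute, and resolve()
    # collapses any `..` segments, so both kinds of escape surface in `target`.
    target = (dest / member_name).resolve()
    try:
        inside = os.path.commonpath([str(dest), str(target)]) == str(dest)
    except ValueError:  # different drives on Windows: certainly not inside
        inside = False
    if not inside:
        raise ZipSlipError(f"member {member_name!r} resolves to {target}, outside {dest}")
    return target


def find_unsafe_members(zf: zipfile.ZipFile, dest_dir) -> list[str]:
    """Return the names of all members that would escape dest_dir (performs no writes)."""
    bad = []
    for info in zf.infolist():
        try:
            member_target(dest_dir, info.filename)
        except ZipSlipError:
            bad.append(info.filename)
    return bad


def safe_extractall(zf: zipfile.ZipFile, dest_dir) -> list[Path]:
    """Replacement for zf.extractall(dest_dir) that refuses hostile archives outright."""
    bad = find_unsafe_members(zf, dest_dir)
    if bad:
        raise ZipSlipError(f"refusing to extract; unsafe members: {bad}")
    written = []
    for info in zf.infolist():
        target = member_target(dest_dir, info.filename)
        if info.is_dir():
            target.mkdir(parents=True, exist_ok=True)
            continue
        target.parent.mkdir(parents=True, exist_ok=True)
        with zf.open(info) as src, open(target, "wb") as dst:
            dst.write(src.read())
        written.append(target)
    return written


def build_archive(members: dict[str, bytes]) -> zipfile.ZipFile:
    """Build an in-memory ZIP from {name: bytes}; member names are constructed test data."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)  # ZipInfo keeps '..' segments and a leading '/' verbatim
    buf.seek(0)
    return zipfile.ZipFile(buf)


def demo() -> dict:
    """Extract a benign and a hostile constructed bundle into a scratch directory."""
    benign = build_archive({"bundle/configs/metadata.json": b"{}"})
    hostile = build_archive({
        "bundle/ok.txt": b"ok",
        "../../escape.txt": b"would land two directories above the bundle",
        "/absolute.txt": b"absolute member name",
    })
    result = {}
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp).resolve() / "bundles" / "model"
        result["benign_written"] = [
            p.relative_to(dest).as_posix() for p in safe_extractall(benign, dest)
        ]
        result["hostile_unsafe"] = find_unsafe_members(hostile, dest)
        try:
            safe_extractall(hostile, dest)
            result["hostile_extracted"] = True
        except ZipSlipError:
            result["hostile_extracted"] = False
        # Whole-archive validation means not even the benign member was written.
        result["hostile_partial_write"] = (dest / "bundle" / "ok.txt").exists()
    return result


if __name__ == "__main__":
    print(demo())
```

`find_unsafe_members()` is the piece to run in a pre-extraction audit or a unit test; `safe_extractall()` is the drop-in for the `extractall()` call the advisory flags.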
---
## Details
### Vulnerable Code Location
**File:** `monai/bundle/scripts.py`
**Lines:** 291-292
**Function:** `_download_from_ngc_private()`
```python
# monai/bundle/scripts.py - Lines 284-293
zip_path = download_p
```
GHSA · 2026-01-06
CVE-2026-21851 [MEDIUM] CWE-22 MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download
No detection rules found.
No public exploits indexed.