CVE-2026-27598
Published 2026-02-25
Priority P3 · 49 · medium · 6.5 (CVSS 3.1) · AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS 0.57% (42.9th percentile)
Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7, the `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passing it to the file store. An authenticated user with DAG write permissions can write arbitrary YAML files anywhere on the filesystem (limited by the process permissions). Since dagu executes DAG files as shell commands, writing a malicious DAG to the DAGs directory of another instance or overwriting config files can lead to remote code execution. Commit e2ed589105d79273e4e6ac8eb31525f765bb3ce4 fixes the issue.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dagu-org | dagu | — | — |
| dagu | dagu | <= 1.16.7 | — |
| dagu | dagu | >= 2.0.0 < 2.3.1 | 2.3.1 |
| github.com | dagu-org_dagu | 0 – 1.16.7 | — |
| github.com | dagu-org_dagu | 0 – 2.2.4 | — |
| github.com | dagu-org_dagu | >= 1.30.4-0.20260221021317-e2ed589105d7 < 1.30.4-0.20260319093346-7d07fda8f9de | 1.30.4-0.20260319093346-7d07fda8f9de |
CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
| nvd | 4.0 | 7.1 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| ghsa | — | 7.1 | HIGH | — |
| osv | — | 7.1 | HIGH | — |

The two NVD vectors disagree on who can trigger the bug: v3.1 scores PR:L (an authenticated user, matching the description's "DAG write permissions"), while v4.0 scores PR:N with UI:P. Both score the impact as integrity-only (C:N/I:H/A:N), which reflects the arbitrary file-write primitive; the code-execution follow-on that the description mentions (a written DAG being executed as shell commands) is not reflected in either score.
OSV · 2026-03-23 · CVSS 7.1
CVE-2026-33344 [HIGH] Dagu has an incomplete fix for CVE-2026-27598: path traversal via %2F-encoded slashes in locateDAG in github.com/dagu-org/dagu
GHSA · 2026-03-19 · CVSS 7.1
CVE-2026-33344 [HIGH] CWE-22 Dagu has an incomplete fix for CVE-2026-27598: path traversal via %2F-encoded slashes in locateDAG
The fix for CVE-2026-27598 (commit e2ed589, PR #1691) added `ValidateDAGName` to `CreateNewDAG` and rewrote `generateFilePath` to use `filepath.Base`. This patched the CREATE path. The remaining API endpoints - GET, DELETE, RENAME, EXECUTE - all pass the `{fileName}` URL path parameter to `locateDAG` without calling `ValidateDAGName`. `%2F`-encoded forward slashes in the `{fileName}` segment traverse outside the DAGs directory.
### Vulnerable code
`internal/persis/filedag/store.go`, lines 508-513 (the advisory's excerpt stops after the first four lines):
```go
func (store *Storage) locateDAG(nameOrPath string) (string, error) {
	// Any separator in the (already percent-decoded) name takes this branch,
	// which resolves the value as a path instead of as a name under the DAGs directory.
	if strings.Contains(nameOrPath, string(filepath.Separator)) {
		foundPath, err := findDAGFile(nameOrPath)
		if err == nil {
			// ... remainder of the function is not included in the advisory excerpt
```
OSV · 2026-03-19 · CVSS 7.1
CVE-2026-33344 [HIGH] Dagu has an incomplete fix for CVE-2026-27598: path traversal via %2F-encoded slashes in locateDAG
GHSA · 2026-03-13 · CVSS 7.1
CVE-2026-31886 [HIGH] CWE-22 Dagu: Path Traversal via `dagRunId` in Inline DAG Execution
## 1. Vulnerability Summary
The `dagRunId` request field accepted by the inline DAG execution endpoints is passed directly into `filepath.Join` to construct a temporary directory path without any format validation. Go's `filepath.Join` resolves `..` segments lexically, so a caller can supply a value such as `".."` to redirect the computed directory outside the intended `/tmp//` path. A deferred cleanup function that calls `os.RemoveAll` on that directory then runs unconditionally when the HTTP handler returns, deleting whatever directory the traversal resolved to.
With `dagRunId` set to `".."`, the resolved directory is the system temporary directory (`/tmp` on Linux). On non-root deployments, `os.RemoveAll("/tmp")` removes all
OSV · 2026-03-13 · CVSS 7.1
CVE-2026-31886 [HIGH] Dagu: Path Traversal via `dagRunId` in Inline DAG Execution
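The `dagRunId` advisory above describes a different consequence of the same class of mistake: a caller-controlled identifier joined into a scratch-directory path and then handed to a deferred `os.RemoveAll`. The Go program below is an added example, not dagu's code, and does not reproduce the real handler. It runs the pattern inside its own `os.MkdirTemp` sandbox, where `<root>/inline` stands in for the inline-execution temp base and `<root>/sentinel.txt` for an unrelated file in the parent directory, and shows that `dagRunId = ".."` makes the cleanup delete the parent, while an allow-list on the id plus a parent check on the joined path refuses it. `runIDPattern`, `inlineDirVulnerable`, `inlineDirFixed`, `executeInline` and `demo` are this example's names, and the character class in `runIDPattern` is an assumed allow-list (the advisory only says the field had no format validation).

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
)

var errBadRunID = errors.New("invalid dagRunId")

// runIDPattern is an assumed allow-list for run ids (example choice; the
// advisory only says the field had no format validation at all).
var runIDPattern = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_-]{0,127}$`)

// inlineDirVulnerable reproduces the described pattern: the request field
// goes straight into filepath.Join, which resolves ".." lexically, so a
// runID of ".." yields the parent of tmpBase.
func inlineDirVulnerable(tmpBase, runID string) (string, error) {
	return filepath.Join(tmpBase, runID), nil
}

// inlineDirFixed validates the id against the allow-list and additionally
// requires the joined path to be a direct child of tmpBase.
func inlineDirFixed(tmpBase, runID string) (string, error) {
	if !runIDPattern.MatchString(runID) {
		return "", errBadRunID
	}
	dir := filepath.Join(tmpBase, runID)
	if filepath.Dir(dir) != filepath.Clean(tmpBase) {
		return "", errBadRunID
	}
	return dir, nil
}

// executeInline models the handler shape from the advisory: compute the
// scratch dir, create it, and unconditionally remove it on return.
func executeInline(tmpBase, runID string, resolve func(string, string) (string, error)) (string, error) {
	dir, err := resolve(tmpBase, runID)
	if err != nil {
		return "", err
	}
	if err := os.MkdirAll(dir, 0o700); err != nil {
		return "", err
	}
	defer os.RemoveAll(dir) // the deletion that the traversal redirects
	// ... the inline DAG would run here ...
	return dir, nil
}

type demoResult struct {
	SentinelAfterFixed      bool // unrelated file survives a valid run
	FixedRejectedDotDot     bool // hardened resolver refuses ".."
	SentinelAfterVulnerable bool // unrelated file survives the vulnerable run with ".."
}

// demo runs both resolvers inside a private temp tree so nothing outside it
// is touched. Layout (constructed for this example):
//   <root>/inline          stand-in for the inline-execution temp base
//   <root>/sentinel.txt    stand-in for an unrelated file in the parent dir
func demo() (demoResult, error) {
	var r demoResult
	root, err := os.MkdirTemp("", "dagu-inline-demo-")
	if err != nil {
		return r, err
	}
	defer os.RemoveAll(root)
	base := filepath.Join(root, "inline")
	sentinel := filepath.Join(root, "sentinel.txt")
	if err := os.WriteFile(sentinel, []byte("do not delete\n"), 0o600); err != nil {
		return r, err
	}
	exists := func(p string) bool { _, err := os.Stat(p); return err == nil }

	// Hardened resolver, valid id: only <base>/run-20260313 is created and removed.
	if _, err := executeInline(base, "run-20260313", inlineDirFixed); err != nil {
		return r, err
	}
	r.SentinelAfterFixed = exists(sentinel)

	// Hardened resolver, "..": rejected before anything is created.
	_, err = executeInline(base, "..", inlineDirFixed)
	r.FixedRejectedDotDot = errors.Is(err, errBadRunID)

	// Vulnerable resolver, "..": dir resolves to root and RemoveAll(root)
	// takes the sentinel with it.
	if _, err := executeInline(base, "..", inlineDirVulnerable); err != nil {
		return r, err
	}
	r.SentinelAfterVulnerable = exists(sentinel)
	return r, nil
}

func main() {
	d, _ := inlineDirVulnerable("/tmp/dagu-inline", "..")
	fmt.Println("vulnerable join with \"..\" resolves to:", d)
	r, err := demo()
	if err != nil {
		fmt.Println("demo failed:", err)
		return
	}
	fmt.Printf("%+v\n", r)
}
```

The parent check in `inlineDirFixed` is deliberately kept even though the regex already excludes `.` and `/`: a later change to the allow-list should not silently reopen the traversal.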
OSV · 2026-02-25
CVE-2026-27598 Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory in github.com/dagu-org/dagu
GHSA · 2026-02-24
CVE-2026-27598 [HIGH] CWE-22 Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory
The `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passing it to the file store. While `RenameDAG` calls `core.ValidateDAGName()` to reject names containing path separators (line 273 in `dags.go`), `CreateNewDAG` skips this validation entirely and passes user input directly to `dagStore.Create()`.
In `internal/persis/filedag/store.go`, the `generateFilePath` function (line 493) checks if the name contains a path separator, and if so, resolves it via `filepath.Abs(name)` — completely ignoring the `baseDir`. This means a name like `../../tmp/pwned` will write a file to `/tmp/pwned.yaml` instead of the DAGs directory.
**Affected code:**
`internal/service/fr
OSV · 2026-02-24
CVE-2026-27598 [HIGH] Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory
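The two Dagu advisories on this page describe one root cause reached from two entry points: `CreateNewDAG` resolving a separator-containing name with `filepath.Abs` and ignoring `baseDir` (CVE-2026-27598), and the GET/DELETE/RENAME/EXECUTE handlers passing a percent-decoded `{fileName}` segment to `locateDAG` with no `ValidateDAGName` call (CVE-2026-33344). The Go program below is an added example, not dagu's code. It models both paths against a store whose DAGs directory is assumed to be `/srv/dagu/dags`, shows that a check on the raw URL segment never sees the `/` hidden in `%2F`, and contrasts each path with a hardened resolver that validates the decoded name and checks containment of the final path. `dagStore`, `validateDAGName`, `isWithin`, `locateFromSegment` and `rawSegmentLooksSafe` are this example's names; the real `findDAGFile` is not reproduced, and the separator branch of the locate path is modelled as a plain join against the DAGs directory.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

var errBadName = errors.New("invalid DAG name: must be a single path element")

// dagStore is a stand-in for dagu's file-backed DAG store (example code).
type dagStore struct {
	baseDir string // configured DAGs directory, assumed /srv/dagu/dags below
}

// generateFilePathVulnerable mirrors the pre-fix behaviour described in the
// advisory: a name containing a separator is handed to filepath.Abs, which
// resolves it against the process working directory and ignores baseDir.
func (s dagStore) generateFilePathVulnerable(name string) (string, error) {
	if strings.Contains(name, string(filepath.Separator)) {
		return filepath.Abs(name + ".yaml")
	}
	return filepath.Join(s.baseDir, name+".yaml"), nil
}

// validateDAGName accepts only a single plain path element. It must run on
// the percent-DECODED value: "..%2F..%2Fetc" contains no '/' until decoded.
func validateDAGName(name string) error {
	switch {
	case name == "", name == ".", name == "..":
		return errBadName
	case strings.ContainsAny(name, `/\`), strings.ContainsRune(name, 0):
		return errBadName
	}
	return nil
}

// isWithin reports whether p lies inside base after lexical cleaning.
func isWithin(base, p string) bool {
	rel, err := filepath.Rel(filepath.Clean(base), filepath.Clean(p))
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// generateFilePathFixed is the hardened create path: validate, keep only the
// base name, then confirm the result is still inside the DAGs directory.
func (s dagStore) generateFilePathFixed(name string) (string, error) {
	if err := validateDAGName(name); err != nil {
		return "", err
	}
	p := filepath.Join(s.baseDir, filepath.Base(name)+".yaml")
	if !isWithin(s.baseDir, p) {
		return "", errBadName
	}
	return p, nil
}

// locateFromSegment models GET/DELETE/RENAME/EXECUTE /api/v1/dags/{fileName}.
// The router hands the handler the decoded segment; the pre-fix locateDAG then
// treats any separator-containing value as a path. That branch is modelled
// here as a join against baseDir (the real findDAGFile is not reproduced);
// a join is already enough for ".." to escape.
func (s dagStore) locateFromSegment(rawSegment string, validate bool) (string, error) {
	name, err := url.PathUnescape(rawSegment)
	if err != nil {
		return "", err
	}
	if validate {
		if err := validateDAGName(name); err != nil {
			return "", err
		}
	}
	if strings.Contains(name, string(filepath.Separator)) {
		return filepath.Join(s.baseDir, name), nil
	}
	return filepath.Join(s.baseDir, name+".yaml"), nil
}

// rawSegmentLooksSafe is the check that is NOT sufficient: it inspects the
// segment before percent-decoding and therefore never sees %2F as a slash.
func rawSegmentLooksSafe(rawSegment string) bool {
	return !strings.Contains(rawSegment, "/")
}

func main() {
	s := dagStore{baseDir: "/srv/dagu/dags"}

	// CVE-2026-27598: create path with a relative traversal in the DAG name.
	p, _ := s.generateFilePathVulnerable("../../tmp/pwned")
	fmt.Printf("vulnerable create -> %s (inside DAGs dir: %v)\n", p, isWithin(s.baseDir, p))
	_, err := s.generateFilePathFixed("../../tmp/pwned")
	fmt.Printf("fixed create      -> error: %v\n", err)

	// CVE-2026-33344: locate path with %2F-encoded traversal in {fileName}.
	raw := "..%2F..%2Fetc%2Fcron.d%2Fjob" // constructed payload
	fmt.Printf("raw segment passes naive check: %v\n", rawSegmentLooksSafe(raw))
	p, _ = s.locateFromSegment(raw, false)
	fmt.Printf("vulnerable locate -> %s (inside DAGs dir: %v)\n", p, isWithin(s.baseDir, p))
	_, err = s.locateFromSegment(raw, true)
	fmt.Printf("fixed locate      -> error: %v\n", err)
}
```

The ordering in `locateFromSegment` is the point: decode first, validate second, and keep a final containment check on the joined path so that a later change to the name grammar cannot quietly reopen the traversal.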
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-27598 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.1
CVE-2026-27598 [HIGH] · Homebrew vulnerability analysis and mitigation
Source: NVD · Score 7.1 (CNA score 7.1) · Severity HIGH · Published February 25, 2026
Affected technologies: Homebrew
Has public exploit: Yes · Has CISA KEV exploit: No (KEV release date N/A, due date N/A)
EPSS: 0.1 (32.4th percentile)
Affected packages and libraries: github.com/dagu-org/dagu, dagu
Sources: NVD · GoLang: severity HIGH, no fix, added Feb 25, 2026 · Homebrew: severity MEDIUM, no fix, added Mar 03, 2026
Wiz
CVE-2026-33344 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.1
CVE-2026-33344 [HIGH] · Homebrew vulnerability analysis and mitigation
Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE path. The remaining API endpoints - GET, DELETE, RENAME, EXECUTE - all pass the {fileName} URL path parameter to locateDAG without calling ValidateDAGName. %2F-encoded forward slashes in the {fileName} segment traverse outside the DAGs directory. This issue has been patched in version 2.3.1.
Source: NVD · Score 8.1 (CNA score 8.1) · Severity HIGH · Published March 24, 2026
Affected technologies: Homebrew
Has public exploit: Yes · Has CISA KEV exploit: No