CVE-2026-40518 | bytedance deer-flow Directory Creation path traversal

A vulnerability, which was classified as critical, was found in bytedance deer-flow. Affected by this vulnerability is an unknown functionality of the component Directory Creation Handler. Such manipulation leads to path traversal.

This vulnerability is traded as CVE-2026-40518. The attack may be launched remotely. There is no exploit available.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More