CVE-2026-39844 Overview
CVE-2026-39844 is a path traversal vulnerability [CWE-22] in NiceGUI, a Python-based UI framework maintained by Zauberzeug. The flaw affects all versions prior to 3.10.0 when deployed on Microsoft Windows. NiceGUI's upload sanitization relies on PurePosixPath, which only treats forward slashes as path separators. Attackers can supply filenames containing backslashes (\) to bypass the sanitization and write files outside the intended upload directory. Applications that construct file paths from file.name — a pattern shown in NiceGUI's bundled examples — are exposed to arbitrary file write on Windows hosts.
Critical Impact
Unauthenticated network attackers can write arbitrary files on Windows systems running vulnerable NiceGUI applications, enabling code execution through file overwrite on writable application paths.
Affected Products
- Zauberzeug NiceGUI versions prior to 3.10.0
- Microsoft Windows hosts running affected NiceGUI applications
- Applications using file.name directly in upload path construction
Discovery Timeline
- 2026-04-08 - CVE-2026-39844 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2026-39844
Vulnerability Analysis
NiceGUI's upload handler sanitized incoming filenames using PurePosixPath from Python's pathlib module. PurePosixPath recognizes only the forward slash (/) as a path separator. On Windows, however, the operating system accepts both forward slashes and backslashes (\) as directory separators. A filename such as ..\..\Windows\Temp\evil.exe passes Posix-style sanitization unchanged because the library sees a single filename component, not a traversal sequence.
When the unmodified value reaches the Windows filesystem APIs, the backslashes are interpreted as directory separators and the path escapes the intended upload directory. Any application that builds an output path using file.name inherits the bypass.
Root Cause
The root cause is reliance on a platform-specific path parser to validate untrusted input destined for a different platform's filesystem. PurePosixPath is appropriate for Linux and macOS, but it does not model Windows separator semantics. The sanitization logic therefore fails open on Windows.
Attack Vector
Exploitation requires no authentication and no user interaction. An attacker submits a multipart upload request to a NiceGUI endpoint and sets the filename field to a Windows-style traversal string. The server stores the file at the attacker-chosen path, which may include startup folders, scheduled task directories, or web roots, leading to arbitrary file write and follow-on code execution.
from collections.abc import AsyncIterator
from dataclasses import dataclass
from io import BytesIO
-from pathlib import Path, PurePosixPath
+from pathlib import Path
import aiofiles
import anyio
# Source: https://github.com/zauberzeug/nicegui/commit/d38a702e3af2da5b0708f689be8d71413fc77056
# The patch removes the PurePosixPath import and replaces the Posix-only
# sanitization with platform-aware handling in nicegui/elements/upload_files.py.
Detection Methods for CVE-2026-39844
Indicators of Compromise
- Upload requests where the multipart filename field contains backslashes (\), ..\, or absolute Windows paths such as C:\.
- Files appearing outside the configured NiceGUI upload directory on Windows hosts, especially in startup, scheduled task, or web-root locations.
- New executable or script files (.exe, .bat, .ps1, .lnk) written by the Python process hosting NiceGUI.
Detection Strategies
- Inspect web server and application logs for HTTP upload requests containing URL-encoded or raw backslashes in the filename parameter.
- Correlate file creation events from the NiceGUI Python process with paths outside the documented upload directory.
- Hunt for process-chain anomalies where python.exe running NiceGUI is followed by execution of a newly written binary or script.
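One way to run the first detection strategy over access logs, as an added example that is not from the page or from NiceGUI; the log layout, the /upload path and the sample lines are constructed for the example, and the check URL-decodes the filename parameter before matching so encoded separators are not missed:

```python
import re
from typing import List, Optional, Tuple
from urllib.parse import unquote

# Constructed sample access-log lines (not from a real incident). The endpoint
# path and log layout are assumptions; only the filename parameter matters here.
SAMPLE_LOG_LINES = [
    '10.0.0.5 - - [08/Apr/2026:10:01:02 +0000] "POST /upload HTTP/1.1" 200 filename="report.pdf"',
    '10.0.0.9 - - [08/Apr/2026:10:02:11 +0000] "POST /upload HTTP/1.1" 200 filename="..\\..\\Windows\\Temp\\evil.exe"',
    '10.0.0.9 - - [08/Apr/2026:10:02:40 +0000] "POST /upload HTTP/1.1" 200 filename="..%5C..%5CWindows%5CTemp%5Cevil.exe"',
    '10.0.0.7 - - [08/Apr/2026:10:03:05 +0000] "POST /upload HTTP/1.1" 200 filename="C%3A%5CUsers%5CPublic%5Crun.bat"',
]

FILENAME_RE = re.compile(r'filename="([^"]*)"')
# Backslash anywhere, a drive prefix, or a '..' component with either separator.
SUSPICIOUS_RE = re.compile(r'\\|^[A-Za-z]:|(^|[\\/])\.\.([\\/]|$)')


def decode_filename(raw: str) -> str:
    """URL-decode until stable so double-encoded separators (%255C) are also seen."""
    prev = None
    while prev != raw:
        prev, raw = raw, unquote(raw)
    return raw


def flag_upload_line(line: str) -> Optional[str]:
    """Return the decoded filename if it matches the advisory's indicators, else None."""
    match = FILENAME_RE.search(line)
    if not match:
        return None
    name = decode_filename(match.group(1))
    return name if SUSPICIOUS_RE.search(name) else None


def scan(lines: List[str]) -> List[Tuple[int, str]]:
    """Scan log lines and return (line index, decoded filename) for each hit."""
    hits = []
    for index, line in enumerate(lines):
        name = flag_upload_line(line)
        if name is not None:
            hits.append((index, name))
    return hits


if __name__ == "__main__":
    for index, name in scan(SAMPLE_LOG_LINES):
        print(f"line {index}: suspicious upload filename {name!r}")
```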
Monitoring Recommendations
- Enable filesystem auditing on Windows hosts for write operations performed by the NiceGUI service account.
- Monitor child-process creation under the Python interpreter hosting NiceGUI to surface post-write execution.
- Alert on writes to high-value paths such as %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup and C:\Windows\System32\Tasks originating from web application processes.
How to Mitigate CVE-2026-39844
Immediate Actions Required
- Upgrade NiceGUI to version 3.10.0 or later on all Windows deployments.
- Audit application code for any use of file.name in path construction and replace it with a hardened basename routine.
- Review the upload directory and adjacent paths for unexpected files created since deployment.
- Restrict the NiceGUI service account to the minimum filesystem permissions required.
Patch Information
The issue is fixed in NiceGUI 3.10.0. The fix removes the PurePosixPath-based sanitization in nicegui/elements/upload_files.py and applies platform-aware path handling. See the GitHub Security Advisory GHSA-w8wv-vfpc-hw2w, the upstream commit d38a702, and the NiceGUI 3.10.0 release notes.
Workarounds
- If upgrading is not immediately possible, sanitize uploaded filenames using ntpath.basename() before any path construction on Windows.
- Reject uploads whose filename contains \, /, :, or path traversal sequences before they reach application logic.
- Write uploaded content to a randomly generated server-side filename rather than the client-supplied value.
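The Posix-only check described under Vulnerability Analysis beside the hardened routines the workarounds above call for, as an added example that is not NiceGUI's code or the upstream fix; the allow-list pattern for stored names and the upload root path are assumptions of the example:

```python
import ntpath
import os
import re
import secrets
from pathlib import PurePosixPath

# Client-supplied filename of the kind the advisory describes (constructed sample).
WINDOWS_TRAVERSAL_NAME = r"..\..\Windows\Temp\evil.exe"


def vulnerable_sanitize(name: str) -> str:
    """Posix-only sanitization: '/' is the only separator PurePosixPath knows,
    so the backslashes survive and Windows later treats them as directories."""
    return PurePosixPath(name).name


def safe_basename(name: str) -> str:
    """Reduce an untrusted filename to a single component on any host OS:
    ntpath.basename splits on '\\' and '/' and drops drive or UNC prefixes."""
    base = ntpath.basename(name.replace("\x00", ""))
    if base in ("", ".", ".."):
        raise ValueError(f"rejected filename: {name!r}")
    # Conservative allow-list for stored names (a policy choice, not NiceGUI's code).
    if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9._-]{0,254}", base):
        raise ValueError(f"rejected filename: {name!r}")
    return base


def server_side_name(client_name: str) -> str:
    """Random server-side name that keeps only the sanitized extension."""
    ext = os.path.splitext(safe_basename(client_name))[1]
    return secrets.token_hex(16) + ext


def resolve_under(upload_dir: str, name: str) -> str:
    """Defence in depth: resolve the final path and refuse anything outside root."""
    root = os.path.realpath(upload_dir)
    target = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, target]) != root:
        raise ValueError(f"path escapes upload directory: {target!r}")
    return target


if __name__ == "__main__":
    print("vulnerable:", vulnerable_sanitize(WINDOWS_TRAVERSAL_NAME))
    print("hardened:  ", safe_basename(WINDOWS_TRAVERSAL_NAME))
    print("random:    ", server_side_name(WINDOWS_TRAVERSAL_NAME))
```

Running it on any OS shows the Posix-only routine returning the traversal string untouched while the hardened routine reduces it to evil.exe.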
# Pin NiceGUI to the patched release
pip install --upgrade "nicegui>=3.10.0"
# Verify installed version; compare numerically, since a plain string comparison ranks "3.9.0" above "3.10.0"
python -c "import nicegui, re, sys; v = tuple(int(p) for p in re.findall(r'\d+', nicegui.__version__)[:3]); sys.exit(0 if v >= (3, 10, 0) else 1)"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.