CVE-2026-41646: Nuclei Path Traversal Vulnerability

CVE-2026-41646 is a path traversal vulnerability in Projectdiscovery Nuclei that allows JavaScript templates to bypass file access restrictions and read local files. This article covers technical details, affected versions, and mitigation.

Published: May 18, 2026

CVE-2026-41646 Overview

CVE-2026-41646 is an access control vulnerability [CWE-284] in Nuclei, the YAML-based vulnerability scanner from ProjectDiscovery. The flaw exists in the JavaScript protocol runtime and affects versions from 3.0.0 up to, but not including, 3.8.0. JavaScript templates can read local .js and .json files through the require() function, bypassing the allow-local-file-access restriction that Nuclei enforces by default.

An attacker who supplies a malicious template can read sensitive files from the host running the scanner. The vulnerability requires local execution context and user interaction to load the crafted template. ProjectDiscovery patched the issue in version 3.8.0.

Critical Impact

Malicious Nuclei templates can read arbitrary .js and .json files on the scanning host, exposing configuration data, credentials, and source code despite default file access protections.

Affected Products

  • ProjectDiscovery Nuclei versions 3.0.0 and later, prior to 3.8.0
  • Nuclei Go module distributions with JavaScript protocol support

Discovery Timeline

  • 2026-05-08 - CVE-2026-41646 published to the National Vulnerability Database (NVD)
  • 2026-05-08 - Last updated in NVD database

Technical Details for CVE-2026-41646

Vulnerability Analysis

Nuclei supports JavaScript-based templates executed by an embedded Goja runtime. The runtime exposes a require() function to load native modules and helper scripts. Nuclei enforces an allow-local-file-access flag that gates whether templates can read files from the local filesystem.

The require() implementation did not consult this flag when resolving module paths. A template author could call require() against arbitrary .js or .json paths and receive the file contents back in the runtime. This permitted indirect file disclosure even when operators explicitly disabled local file access.

Impact is limited to confidentiality of files matching the JavaScript module loader's accepted extensions. Integrity and availability of the scanning host are not directly affected.

Root Cause

The shared require.Registry instance in pkg/js/compiler/pool.go was initialized once at startup without binding it to the per-execution file access policy. Because the registry persisted across runs and ignored the protocol state, no enforcement layer rejected paths that pointed outside the permitted directories. The fix introduces filepath validation through a new filepathutil helper inside pkg/protocols/common/protocolstate/file.go.
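To make the root cause concrete, here is an added example (not Nuclei's code, and not the filepathutil helper the fix introduces) of the policy-bound path check that a shared, policy-unaware registry skips: the ExecPolicy type, ResolveRequirePath function, and the /templates directory are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrLocalFileAccess: the template asked for a module outside permitted dirs.
var ErrLocalFileAccess = errors.New("local file access denied by policy")
// ExecPolicy stands in for the per-execution state the fix binds the loader to:
// the allow-local-file-access flag plus the (absolute, cleaned) helper dirs.
type ExecPolicy struct {
	AllowLocalFileAccess bool
	AllowedDirs          []string
}

// ResolveRequirePath validates a require() argument before anything is opened:
// only .js/.json are accepted, the path is made absolute against templateDir and
// cleaned, and unless the flag is set it must land inside an allowed directory.
func ResolveRequirePath(p ExecPolicy, templateDir, arg string) (string, error) {
	ext := strings.ToLower(filepath.Ext(arg))
	if ext != ".js" && ext != ".json" {
		return "", fmt.Errorf("unsupported module extension %q", ext)
	}
	if !filepath.IsAbs(arg) {
		arg = filepath.Join(templateDir, arg)
	}
	abs := filepath.Clean(arg) // ".." segments are collapsed before the check
	if p.AllowLocalFileAccess {
		return abs, nil // operator opted in; no directory restriction applies
	}
	for _, dir := range p.AllowedDirs {
		rel, err := filepath.Rel(dir, abs)
		if err == nil && rel != ".." && !strings.HasPrefix(rel, "../") {
			return abs, nil
		}
	}
	return "", ErrLocalFileAccess
}

func main() {
	policy := ExecPolicy{AllowedDirs: []string{"/templates"}} // flag left off, the default
	for _, arg := range []string{"helpers/parse.js", "../../etc/secrets.json", "/root/.aws/creds.json"} {
		resolved, err := ResolveRequirePath(policy, "/templates/http", arg)
		fmt.Printf("%-24s -> %q %v\n", arg, resolved, err)
	}
}
```

Symlinks are not resolved here; a loader that opens files should also run filepath.EvalSymlinks on the final path before comparing it against the allowed directories.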

Attack Vector

Exploitation requires an operator to execute a malicious template under their Nuclei installation. The attacker delivers the template through a public template repository, a pull request to a community catalog, or social engineering. Once loaded, the template calls require() with a target path and exfiltrates the returned content using Nuclei's existing HTTP or DNS protocols.

go
// Patch excerpt: pkg/js/compiler/pool.go
// Removes the package-level shared registry that ignored file access policy
 var (
-	r                *require.Registry
 	lazyRegistryInit = sync.OnceFunc(func() {
-		r = new(require.Registry) // this can be shared by multiple runtimes
 		// autoregister console node module with default printer it uses gologger backend
 		require.RegisterNativeModule(console.ModuleName, console.RequireWithPrinter(goconsole.NewGoConsolePrinter()))
 	})
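Review bot: Dropping the package-level `r *require.Registry` and the `r = new(require.Registry) // this can be shared by multiple runtimes` line removes the policy-unaware singleton, but the replacement is not in this excerpt: `lazyRegistryInit` is left registering only the console module via `require.RegisterNativeModule`, so reviewers should confirm in the rest of pool.go that each runtime now receives a registry constructed with that execution's file access policy, and that nothing else caches a registry across executions. Minor: the surviving comment "default printer it uses gologger backend" reads awkwardly and could be "default printer, which uses the gologger backend".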

Source: ProjectDiscovery Nuclei commit 6f2ade6

go
// Patch excerpt: pkg/protocols/common/protocolstate/file.go
// Adds filepathutil for proper path validation against allow-local-file-access
 package protocolstate

 import (
-	"strings"
-
 	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
 	"github.com/projectdiscovery/nuclei/v3/pkg/types"
+	filepathutil "github.com/projectdiscovery/nuclei/v3/pkg/utils/filepath"
 	"github.com/projectdiscovery/utils/errkit"
 	fileutil "github.com/projectdiscovery/utils/file"
 	mapsutil "github.com/projectdiscovery/utils/maps"
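Review bot: The validation this change enables is not visible in the hunk, so the excerpt comment "Adds filepathutil for proper path validation against allow-local-file-access" cannot be checked from these lines; the removal of the `"strings"` import suggests the earlier check was string-based, and reviewers should look at the call site in file.go where `filepathutil` now replaces it and confirm the helper cleans the path and rejects ".." segments before comparing it against permitted directories, rather than doing a prefix match on the raw string.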

Source: ProjectDiscovery Nuclei commit 6f2ade6

Detection Methods for CVE-2026-41646

Indicators of Compromise

  • Nuclei templates containing require() calls referencing absolute paths or paths outside the template directory
  • Untrusted YAML templates with embedded JavaScript blocks loading .js or .json files unrelated to scan logic
  • Outbound HTTP or DNS requests from Nuclei processes containing base64 or hex-encoded payloads matching local file contents

Detection Strategies

  • Audit all template sources and pin scanner installations to Nuclei 3.8.0 or later before execution
  • Static analysis of community templates for suspicious require() arguments referencing system paths such as /etc, ~/.aws, or ~/.ssh
  • Process monitoring on hosts that run Nuclei to detect file reads outside the template workspace by the nuclei binary
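A triage pass for the static-analysis strategy listed above, as an added example rather than a SentinelOne or ProjectDiscovery tool: ScanTemplate, the regexp it uses, and the embedded sampleTemplate are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Triage regexp for require('...') / require("...") in a JavaScript block;
// not a JS parser, so arguments assembled at runtime are missed.
var requireCall = regexp.MustCompile(`require\(\s*['"]([^'"]+)['"]\s*\)`)
type Finding struct{ Arg, Reason string }

// ScanTemplate flags require() arguments that would resolve outside the
// template directory: absolute paths, "~" paths, and ".." traversal.
func ScanTemplate(tpl string) []Finding {
	var out []Finding
	for _, m := range requireCall.FindAllStringSubmatch(tpl, -1) {
		arg, reason := m[1], ""
		switch {
		case strings.HasPrefix(arg, "/"):
			reason = "absolute path"
		case strings.HasPrefix(arg, "~"):
			reason = "home-relative path"
		case strings.HasPrefix(arg, "../") || strings.Contains(arg, "/../"):
			reason = "parent-directory traversal"
		default:
			continue // native modules ("nuclei/net") and in-tree helpers pass
		}
		out = append(out, Finding{arg, reason})
	}
	return out
}

// Constructed template excerpt (not a real Nuclei template): one benign helper, then three to flag.
const sampleTemplate = `id: constructed-example
javascript:
  - code: |
      const helper = require("./lib/parse.js");
      const leak = require("../../../etc/nuclei-secrets.json");
      const creds = require("/home/ci/.aws/credentials.json");
      const keys = require('~/.ssh/config.json');
`

func main() {
	for _, f := range ScanTemplate(sampleTemplate) {
		fmt.Printf("%-40s %s\n", f.Arg, f.Reason)
	}
}
```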

Monitoring Recommendations

  • Log Nuclei command-line invocations and capture the -t template flag and -allow-local-file-access state for review
  • Forward host telemetry from CI/CD runners and security tooling hosts that execute Nuclei into a centralized data lake for correlation
  • Alert on Nuclei processes reading files matching credential patterns or configuration extensions outside expected paths

How to Mitigate CVE-2026-41646

Immediate Actions Required

  • Upgrade Nuclei to version 3.8.0 or later on all hosts, build agents, and container images
  • Inventory and remove untrusted custom or third-party templates from local template directories
  • Restrict execution of Nuclei to dedicated service accounts with minimum filesystem privileges

Patch Information

ProjectDiscovery published the fix in pull request #7332 and commit 6f2ade6a9b427c284c15a43445f9c7f055e60e5d. Coordination details are available in GitHub Security Advisory GHSA-29rg-wmcw-hpf4. Upgrade to Nuclei 3.8.0 to apply the corrected require() handler that honors allow-local-file-access.

Workarounds

  • Run Nuclei inside an ephemeral container or chroot that exposes only template files and scan inputs
  • Execute scans under an unprivileged user with no access to credential stores, SSH keys, or cloud configuration files
  • Disable use of JavaScript protocol templates from external sources until upgrades complete
bash
# Verify and pin Nuclei to the patched release
nuclei -version
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@v3.8.0

# Run scans with reduced filesystem exposure
docker run --rm \
  --read-only \
  --user 1000:1000 \
  -v "$(pwd)/templates:/templates:ro" \
  projectdiscovery/nuclei:v3.8.0 \
  -t /templates -u https://target.example.com

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Vulnerability Details

  • Type: Path Traversal
  • Vendor/Tech: Projectdiscovery Nuclei
  • Severity: MEDIUM
  • CVSS Score: 5.5
  • EPSS Probability: 0.01%
  • Known Exploited: No
  • CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Impact Assessment

  • Confidentiality: Low
  • Integrity: None
  • Availability: None

CWE References

  • CWE-284

Vendor Resources

  • GitHub Commit Update
  • GitHub Pull Request
  • GitHub Security Advisory GHSA-29rg-wmcw-hpf4

Related CVEs

  • CVE-2026-41645: Projectdiscovery Nuclei RCE Vulnerability
  • CVE-2026-41282: Nuclei DSL Expression Injection RCE Flaw
  • CVE-2024-43405: Projectdiscovery Nuclei RCE Vulnerability
©2026 SentinelOne, All Rights Reserved.