CVE-2026-42075 Overview
CVE-2026-42075 is a path traversal vulnerability in Evolver, a GEP-powered self-evolving engine for AI agents. The flaw exists in the skill download (fetch) command, where the --out= flag accepts user-supplied paths without validation. Attackers with low privileges can write files to arbitrary filesystem locations using directory traversal sequences. This enables overwriting critical system files or planting files in sensitive directories. The issue affects all versions prior to 1.69.3 and is tracked as CWE-22. Maintainers patched the flaw in version 1.69.3.
Critical Impact
Authenticated attackers can write or overwrite files in arbitrary filesystem locations, leading to integrity loss and potential code execution through configuration or binary replacement.
Affected Products
- Evolver versions prior to 1.69.3
- Evolver fetch command with --out= flag
- AI agent deployments using EvoMap Evolver for skill management
Discovery Timeline
- 2026-05-04 - CVE-2026-42075 published to NVD
- 2026-05-04 - Last updated in NVD database
Technical Details for CVE-2026-42075
Vulnerability Analysis
The vulnerability resides in the Evolver skill download command. When a user invokes the fetch subcommand with --out=<path>, the application writes downloaded skill content to the specified destination. The code does not normalize the path, restrict it to a designated skills directory, or reject traversal sequences such as ../. As a result, an attacker controlling the --out= value can escape the intended output directory.
Writing outside the skills directory enables overwriting configuration files, shell profiles, scheduled task definitions, or executables loaded by the host process. Because the write occurs with the privileges of the Evolver process, integrity and availability of the host are at risk. Confidentiality is not directly impacted, but file overwrites can chain into code execution paths depending on environment.
Root Cause
The root cause is missing input validation on a user-controlled file path, classified as [CWE-22] Improper Limitation of a Pathname to a Restricted Directory. The fetch handler trusts the --out= argument and passes it to the file write routine without canonicalization or directory containment checks.
Attack Vector
Exploitation requires network access to deliver the crafted command and low-level privileges to invoke the fetch operation. An attacker supplies a traversal payload such as --out=../../etc/cron.d/evil to drop a file outside the skills directory. No user interaction is required beyond the existing command execution context. See the GitHub Security Advisory GHSA-r466-rxw4-3j9j for vendor details.
Detection Methods for CVE-2026-42075
Indicators of Compromise
- Unexpected files written outside the configured Evolver skills directory.
- Process command lines containing fetch with --out= values that include ../ or absolute paths to system directories.
- Modifications to startup scripts, cron entries, or service unit files coinciding with Evolver activity.
Detection Strategies
- Inspect Evolver process arguments for --out= values referencing parent directory traversal or paths outside expected skill storage.
- Audit filesystem write events from the Evolver process across /etc, /var/spool/cron, user home directories, and binary paths.
- Correlate Evolver invocation logs with file integrity monitoring alerts on sensitive locations.
Monitoring Recommendations
- Enable command-line argument logging for processes spawning the Evolver binary.
- Deploy file integrity monitoring on system configuration paths and Evolver runtime directories.
- Track Evolver version inventory across hosts to confirm patched deployments.
How to Mitigate CVE-2026-42075
Immediate Actions Required
- Upgrade Evolver to version 1.69.3 or later on all hosts running the engine.
- Audit recent fetch command invocations for traversal payloads in the --out= argument.
- Restrict access to the Evolver CLI to trusted operators only until patching completes.
Patch Information
The maintainers fixed the flaw in Evolver 1.69.3. Download the release from the GitHub Evolver Release Notes. Validate the installed version after upgrade and remove older binaries from PATH.
Workarounds
- Run Evolver under a low-privilege service account that cannot write to system directories.
- Apply mandatory access control profiles (AppArmor, SELinux) to confine Evolver write paths to its skills directory.
- Wrap the fetch command with a validation script that rejects --out= values containing .. or absolute paths.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
