Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-43965

CVE-2026-43965: Gleam Path Traversal Vulnerability

CVE-2026-43965 is a path traversal vulnerability in Gleam's dependency management that enables arbitrary directory deletion through malicious build files. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2026-43965 Overview

CVE-2026-43965 is a path traversal vulnerability [CWE-22] in the Gleam programming language toolchain. The flaw exists in Gleam's dependency management subsystem, where package keys read from build/packages/packages.toml are passed without validation to filesystem deletion routines. An attacker who tricks a victim into running gleam deps download against a malicious project can recursively delete arbitrary directories on the victim's system. The issue affects Gleam versions from 0.18.0-rc1 up to (but not including) 1.17.0.

Critical Impact

Arbitrary directory deletion on a developer's system through a malicious packages.toml file committed to a Gleam project repository.

Affected Products

  • Gleam 0.18.0-rc1 through versions prior to 1.17.0
  • Projects depending on the Gleam build tool's deps download command
  • Developer workstations and CI/CD systems running affected Gleam versions

Discovery Timeline

  • 2026-06-02 - CVE CVE-2026-43965 published to NVD
  • 2026-06-02 - Last updated in NVD database

Technical Details for CVE-2026-43965

Vulnerability Analysis

The vulnerability resides in Gleam's LocalPackages::read_from_disc function, which parses the build/packages/packages.toml file. Package keys read from this file are passed directly to paths.build_packages_package(). This function constructs a filesystem path by joining the project build directory with the attacker-controlled key.

The resulting path is then forwarded to fs::delete_directory, which invokes remove_dir_all. No validation confirms the resulting path remains within the intended build/packages/ directory. Both absolute paths and relative traversal sequences such as ../ are accepted as valid package keys.

The vulnerability requires local execution context but is triggered through a remote supply-chain vector. A victim cloning and building a malicious Gleam project executes the destructive operation under their own user privileges.

Root Cause

The root cause is missing input validation on untrusted TOML data [CWE-22]. The packages.toml file is normally generated by Gleam itself and is .gitignored by default. The code assumes its contents are trustworthy and skips path canonicalization or containment checks before performing recursive deletion.

Attack Vector

An attacker commits a crafted build/packages/packages.toml to a public repository, overriding the default .gitignore exclusion. When a victim clones the repository and runs gleam deps download, Gleam parses the malicious TOML and treats keys such as ../../../etc or absolute paths as package identifiers. The dependency resolution logic then recursively deletes the targeted directory.

No memory corruption or code execution occurs. The damage is constrained to filesystem destruction, but it includes any directory writable by the user running the Gleam command.

No verified public proof-of-concept code is available. Refer to the GitHub Security Advisory GHSA-jqvf-f6p2-wrv3 and the upstream fix commit for the technical fix details.

Detection Methods for CVE-2026-43965

Indicators of Compromise

  • Presence of a checked-in build/packages/packages.toml file in a Gleam project repository, which is normally .gitignored.
  • TOML package keys containing path traversal sequences (../) or absolute filesystem paths.
  • Unexpected recursive deletion of directories outside the project tree after running gleam deps download.

Detection Strategies

  • Scan Gleam project repositories for committed packages.toml files and inspect their package key entries for traversal patterns.
  • Audit CI/CD pipelines that execute gleam deps commands for installed Gleam versions below 1.17.0.
  • Monitor process telemetry for gleam invocations followed by unlink/rmdir syscalls targeting paths outside the project working directory.

Monitoring Recommendations

  • Enable filesystem auditing on developer workstations to log recursive deletion events triggered by build tools.
  • Correlate Gleam process execution with filesystem modification events outside the expected build directory.
  • Track Gleam version inventory across developer endpoints and build agents.

How to Mitigate CVE-2026-43965

Immediate Actions Required

  • Upgrade Gleam to version 1.17.0 or later on all developer workstations and CI/CD systems.
  • Audit existing Gleam project repositories for unexpected committed build/packages/packages.toml files and remove them.
  • Avoid running gleam deps download against untrusted third-party Gleam projects until upgrades are confirmed.

Patch Information

The upstream fix is available in the Gleam commit 690ca069817bee5f77a28fc3e360627c1da19291, included in Gleam 1.17.0. The patch validates package keys to ensure derived paths remain within the project's build/packages/ directory before any filesystem deletion. Additional context is available in the CNA advisory for CVE-2026-43965 and the OSV vulnerability record.

Workarounds

  • Inspect build/packages/packages.toml for malicious traversal entries before running any Gleam build command on cloned projects.
  • Run Gleam commands inside ephemeral containers or sandboxed environments with minimal filesystem access.
  • Enforce a repository policy that rejects commits containing files under build/packages/.
bash
# Verify installed Gleam version and upgrade if below 1.17.0
gleam --version

# Check repositories for the normally-gitignored packages.toml file
find . -path '*/build/packages/packages.toml' -print

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.