CVE-2026-44220

Published: Mag 12, 2026 Last Modified: Mag 12, 2026
ExploitDB:
Other exploit source:
Google Dorks:
LOW 3,2
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: required
Scope: changed
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

ciguard is a static security auditor for CI/CD pipelines. From 0.8.0 to 0.8.1 , the discover_pipeline_files() function in src/ciguard/discovery.py walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory the user (or AI agent) scans can cause discovery to walk into the symlink target and return paths to pipeline-shaped files outside the requested root. This vulnerability is fixed in 0.8.2.

59

Improper Link Resolution Before File Access ('Link Following')

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control Other
Potential Impacts:
Read Files Or Directories Modify Files Or Directories Bypass Protection Mechanism Execute Unauthorized Code Or Commands
Applicable Platforms
Operating Systems: Windows, Unix
Likelihood of Exploit: Medium
View CWE Details
https://github.com/Jo-Jo98/ciguard/security/advisories/GHSA…
https://github.com/Jo-Jo98/ciguard/security/advisories/GHSA-8cxw-cc62-q28v