What happened
CVE-2026-58170 (CVSS 8.3 High) affects Vibe-Trading before 0.1.10. The platform builds a proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitisation in agent/src/live/mandate/commit.py. A proposal identifier containing path traversal sequences (e.g., ../../etc/passwd) causes the application to load an attacker-chosen file from the filesystem. Published 2026-06-30.
Why it matters
Vibe-Trading is an agentic AI trading platform where AI agents execute financial mandates. Path traversal in the mandate commit pathway allows an attacker to read arbitrary files from the server hosting the agent — including configuration files, API keys for financial brokers, and agent state files — potentially enabling financial fraud or broker credential theft.
Attack vector
Attacker supplies a proposal identifier containing path traversal sequences to the mandate commit endpoint; the unsanitised join causes the agent to open and process an arbitrary file path.
Affected systems
HKUDS/Vibe-Trading < 0.1.10
Mitigation
Upgrade to Vibe-Trading 0.1.10 or later. Fix commit: https://github.com/HKUDS/Vibe-Trading/commit/0ab701302f90e701c9dc558a898a217a376610c3