Technical description
A path traversal vulnerability exists in the Beifong AI News and Podcast Agent backend's stream-audio endpoint, allowing attackers to access files outside the intended directory through manipulated file paths.
Attack vector
Remote attackers can exploit the vulnerability by crafting malicious requests to the FastAPI backend's stream-audio endpoint to access unauthorized files on the server filesystem.
Affected systems
Awesome-LLM-Apps project commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19), specifically the Beifong AI News and Podcast Agent backend component.
Mitigation
Apply input validation and sanitization to the stream-audio endpoint to prevent path traversal attacks. Review and restrict file access permissions for the affected component.
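One way to implement the validation described above, as an added example that is not taken from the Beifong or Awesome-LLM-Apps code: resolve the requested path and confirm it still lies inside the audio directory before opening it. The function name, the extension allow-list, and the directory layout in `demo()` are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

ALLOWED_SUFFIXES = {".mp3", ".wav", ".ogg"}  # assumption: audio types the endpoint serves

class UnsafePath(ValueError):
    """Raised when a requested path must not be served."""

def resolve_audio_path(base_dir, requested):
    """Return the real path of `requested` inside `base_dir`, or raise UnsafePath."""
    if not requested or "\x00" in requested:
        raise UnsafePath("empty or NUL-containing path")
    base = Path(base_dir).resolve(strict=True)
    # Joining an absolute `requested` discards `base`; resolve() then collapses
    # ".." and follows symlinks, so the containment check sees the real target.
    candidate = (base / requested).resolve(strict=False)
    # is_relative_to (Python 3.9+) compares path components, so "audio_old" does
    # not pass as being inside "audio" the way a string prefix test would.
    if not candidate.is_relative_to(base):
        raise UnsafePath("path escapes the audio directory")
    if candidate.suffix.lower() not in ALLOWED_SUFFIXES:
        raise UnsafePath("file type not allowed")
    if not candidate.is_file():
        raise UnsafePath("not a regular file")
    return candidate

def demo():
    """Build a constructed directory tree and report which requests are accepted."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        audio = root / "audio"
        sibling = root / "audio_old"
        audio.mkdir()
        sibling.mkdir()
        (audio / "ep1.mp3").write_bytes(b"ID3")
        (sibling / "old.mp3").write_bytes(b"ID3")
        (root / "secret.mp3").write_bytes(b"x")
        os.symlink(root / "secret.mp3", audio / "link.mp3")
        for req in ["ep1.mp3", "../secret.mp3", "../audio_old/old.mp3",
                    str(root / "secret.mp3"), "link.mp3", "ep1.mp3\x00.txt", ""]:
            try:
                resolve_audio_path(audio, req)
                results[req] = True
            except UnsafePath:
                results[req] = False
    return results
```

In a FastAPI handler, `UnsafePath` would typically be mapped to a 404 response so the reply does not reveal whether a file exists outside the audio directory.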