{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5535", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-04T06:40:45.888Z", "datePublished": "2026-04-05T02:00:17.300Z", "dateUpdated": "2026-04-06T15:36:13.025Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-05T02:00:17.300Z"}, "title": "FedML-AI FedML MQTT Message FileUtils.java path traversal", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "Path Traversal"}]}], "affected": [{"vendor": "FedML-AI", "product": "FedML", "versions": [{"version": "0.8.0", "status": "affected"}, {"version": "0.8.1", "status": "affected"}, {"version": "0.8.2", "status": "affected"}, {"version": "0.8.3", "status": "affected"}, {"version": "0.8.4", "status": "affected"}, {"version": "0.8.5", "status": "affected"}, {"version": "0.8.6", "status": "affected"}, {"version": "0.8.7", "status": "affected"}, {"version": "0.8.8", "status": "affected"}, {"version": "0.8.9", "status": "affected"}], "modules": ["MQTT Message Handler"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-04T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-04T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-04T08:45:55.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Ana10gy (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355288", "name": "VDB-355288 | FedML-AI FedML MQTT Message FileUtils.java path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355288/cti", "name": "VDB-355288 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/782200", "name": "Submit #782200 | FedML-AI FedML <=0.8.9 Path Traversal", "tags": ["third-party-advisory"]}, {"url": "https://github.com/AnalogyC0de/public_exp/issues/25", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T15:36:03.761442Z", "id": "CVE-2026-5535", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:36:13.025Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5535", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T15:36:03.761442Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:36:08.675Z"}}], "cna": {"title": "FedML-AI FedML MQTT Message FileUtils.java path traversal", "credits": [{"lang": "en", "type": "reporter", "value": "Ana10gy (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "FedML-AI", "modules": ["MQTT Message Handler"], "product": "FedML", "versions": [{"status": "affected", "version": "0.8.0"}, {"status": "affected", "version": "0.8.1"}, {"status": "affected", "version": "0.8.2"}, {"status": "affected", "version": "0.8.3"}, {"status": "affected", "version": "0.8.4"}, {"status": "affected", "version": "0.8.5"}, {"status": "affected", "version": "0.8.6"}, {"status": "affected", "version": "0.8.7"}, {"status": "affected", "version": "0.8.8"}, {"status": "affected", "version": "0.8.9"}]}], "timeline": [{"lang": "en", "time": "2026-04-04T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-04T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-04T08:45:55.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355288", "name": "VDB-355288 | FedML-AI FedML MQTT Message FileUtils.java path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355288/cti", "name": "VDB-355288 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/782200", "name": "Submit #782200 | FedML-AI FedML <=0.8.9 Path Traversal", "tags": ["third-party-advisory"]}, {"url": "https://github.com/AnalogyC0de/public_exp/issues/25", "tags": ["exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Path Traversal"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-05T02:00:17.300Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5535", "state": "PUBLISHED", "dateUpdated": "2026-04-06T15:36:13.025Z", "dateReserved": "2026-04-04T06:40:45.888Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-05T02:00:17.300Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-5535", "lastModified": "2026-04-05T03:16:01.700", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-05T03:16:01.700", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/AnalogyC0de/public_exp/issues/25"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/782200"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355288"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355288/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.5"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.6"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.7"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.8"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.9"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "FedML", "source": "cna", "vendor": "FedML-AI"}, "product": "fedml", "vendor": "fedml-ai"}], "analysis": {"en": {"generated_at": "2026-04-05T05:20:35.149567+00:00", "value": {"mitigation_remediation": ["Upgrade to a version later than 0.8.9 if one exists.\n", "If an upgrade is unavailable, isolate the affected host from external MQTT traffic using firewall rules or network segmentation.\n", "Implement server\u2011side input validation to reject dataset arguments containing path traversal sequences.\n", "Monitor MQTT logs for anomalous requests attempting to access protected files.\n", "Check the vendor\u2019s site or security advisories regularly for a future patch."], "summary": {"action": "Mitigate", "impact": "Unauthorized Access via Path Traversal"}, "threat_synthesis": {"affected_systems": "FedML-AI\u2019s FedML product, versions up to and including 0.8.9, is affected. No further version details are supplied.\n", "description_and_impact": "The flaw resides in FileUtils.java within the MQTT message handling component of FedML-AI FedML. By manipulating the argument dataSet, an attacker can perform a path traversal attack, enabling reading or writing of files outside the intended directory. This weakness can compromise confidentiality and integrity of the system\u2019s files and configuration.\n", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity. EPSS information is missing, and the vulnerability is not listed in the CISA KEV catalog. The description explicitly states the attack is possible remotely, likely via an MQTT interface that accepts a dataset parameter. An attacker who can send crafted MQTT messages could exploit the path traversal to gain unauthorized file access.\n"}}}}, "created": "2026-04-06T20:26:44.543023+00:00", "updated": "2026-04-06T21:57:19.441062+00:00", "vendors": ["fedml-ai", "fedml-ai$PRODUCT$fedml"]}