External risk intelligence

Pulpy could allow internal attacker to steal sensitive credentials and files.

CVE advisorySeverity: CRITICAL (CVSS 9.3)

CVE-2026-44225

Pulpy contains a security flaw allowing an internal attacker to bypass access restrictions and steal sensitive data, such as SSH keys and cloud credentials. This could lead to unauthorized access to critical systems and compromise your organization's remote infrastructure.

1Halo Surface Signal

Path Traversal

External exposure likelihood

Halo Surface Signal score for CVE-2026-44225

The vulnerability affects a desktop application packaging tool used to bundle web applications for local user workstations. It is a client-side utility rather than an internet-facing service, remote access gateway, or network appliance, making it inherently isolated from public network exposure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Horizon Alert

Summary of the vulnerability and why it matters

This issue in Pulpy, an application packaging tool, allows any packaged web app to access and modify files on the user's computer. This is a significant risk because it could expose sensitive information or compromise system security.

  • Sensitive files can be read or written.
  • Affects users running packaged apps.
  • Credentials and keys are at risk.

Attack Path

How an attacker could exploit the issue

An attacker could trick a user into running a malicious web app packaged by an older version of Pulpy. This would allow the attacker to read sensitive files like SSH keys or cloud credentials from the user's home directory, or potentially write files to modify system behavior.

  • User must install app.
  • Attack surfaces web app.
  • Requires user interaction.

Live Threat

Current exploitation, exposure, and threat context

Attackers may find this vulnerability less appealing due to its client-side nature. The need for user interaction to run a packaged application makes direct remote exploitation difficult. However, successful exploitation could grant significant access to sensitive user files.

  • Targeted attacks are possible.
  • No public exploit is available.
  • Recency is uncertain.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize disabling or isolating affected services due to the critical nature of arbitrary file read/write access. Since a reliable exploit exists and a fix is available, teams should focus on patching or implementing strict containment measures.

  • Patch Pulpy to version 0.1.1.
  • Isolate web applications using affected Pulpy versions.
  • Monitor for unauthorized file access in user directories.

Frequently asked questions

What is Pulpy and how does it function as a desktop application packaging tool?

Pulpy is a tool designed to package web applications into standalone desktop applications. It achieves this by injecting a JavaScript API (pulpy.fs) into the packaged web app, granting it access to the host's file system.

What type of vulnerability does CVE-2026-44225 represent and what is its classification?

CVE-2026-44225 is a directory traversal vulnerability (CWE-22, CWE-284). This occurs when an application fails to properly sanitize user input used in file paths, allowing access beyond intended directories.

How can an attacker exploit the Pulpy vulnerability to access sensitive files?

An attacker can exploit this by tricking a user into running a web app packaged with an older version of Pulpy. The vulnerability allows the packaged app to read arbitrary files from the user's home directory, including SSH keys and cloud credentials.

What is the relevance of CVE-2026-44225, considering its client-side nature?

While its client-side nature and requirement for user interaction make direct remote exploitation challenging, attackers could still target users. Successful exploitation grants significant access to sensitive user files, as noted in Halo's threat advisory.

What steps should be taken to remediate the risks associated with Pulpy's file access vulnerability?

The primary remediation is to update Pulpy to version 0.1.1 or later. If updating is not immediately possible, affected web applications should be isolated, and monitoring for unauthorized file access in user directories should be implemented.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified