CVE-2026-32847: DeepCode 1.2.0 Path Traversal via SPA Catch-All Route in main.py
DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in new_ui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /{full_path:path} endpoint. Attackers can bypass Starlette's path normalization by encoding slashes as %2F and dots as %2E%2E, causing the joined path to traverse outside FRONTEND_DIST and exposing sensitive files such as SSH private keys, TLS certificates, and application secrets with a single HTTP request.
HarborGuard Analysis
Synopsis
A path traversal vulnerability in DeepCode 1.2.0 allows unauthenticated remote attackers to read arbitrary files from the host filesystem. The flaw is in the SPA catch-all route in new_ui/backend/main.py, which joins the decoded request path onto FRONTEND_DIST and serves the result without checking that the resolved path still lies inside that directory. Percent-encoded path segments (slashes as %2F, dots as %2E%2E) bypass Starlette's path normalization and escape FRONTEND_DIST, so a single HTTP GET request returns any file the DeepCode process user can read, including SSH private keys, TLS certificates, and application secrets. No fix version has been published; HarborGuard tracks this advisory for patch availability.
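The pattern the synopsis describes, as an added example that is not code from DeepCode's main.py: a catch-all handler that joins the decoded request path onto FRONTEND_DIST, beside the hardened form that resolves the path first and refuses anything outside the directory. The fixture directory, the secret file and the function names are constructed for the demonstration. The hardened check also rejects absolute paths and symlinks that point out of the directory, which goes beyond the two encodings the advisory names.

```python
"""Vulnerable and hardened SPA catch-all path handling, side by side.

Added example: this is not code from DeepCode's new_ui/backend/main.py. It
models the pattern the advisory describes, a catch-all route that joins the
request path onto FRONTEND_DIST and serves whatever exists there, and the
containment check that closes it. Function names, the fixture layout and the
secret file are constructed for the demonstration.
"""
import tempfile
from pathlib import Path
from typing import Optional, Tuple
from urllib.parse import unquote


def serve_vulnerable(frontend_dist: Path, full_path: str) -> Optional[Path]:
    """The flawed pattern: decode, join, check existence, serve.

    Starlette hands the route the percent-decoded path parameter; unquote()
    stands in for that step here, so '..%2F' and '%2E%2E%2F' both arrive as
    '../'. Nothing verifies that the joined path is still inside frontend_dist.
    """
    candidate = frontend_dist / unquote(full_path)
    if candidate.is_file():
        return candidate
    return frontend_dist / "index.html"  # SPA fallback for client-side routes


def serve_hardened(frontend_dist: Path, full_path: str) -> Optional[Path]:
    """Resolve first, then refuse anything that does not stay under the root.

    resolve() collapses '..' segments and follows symlinks, so the check also
    rejects an absolute path ('%2Fetc%2Fpasswd' joins as '/etc/passwd') and a
    symlink inside the dist directory that points outside it.
    """
    root = frontend_dist.resolve()
    candidate = (root / unquote(full_path)).resolve()
    if candidate != root and root not in candidate.parents:
        return None  # caller should answer 404 (or 400) and log the request
    if candidate.is_file():
        return candidate
    return root / "index.html"


def build_fixture() -> Tuple[Path, Path]:
    """Constructed layout: <tmp>/dist/{index.html,app.js} and <tmp>/secret/id_rsa."""
    base = Path(tempfile.mkdtemp(prefix="spa-traversal-demo-"))
    dist = base / "dist"
    dist.mkdir()
    (dist / "index.html").write_text("<html>spa</html>\n")
    (dist / "app.js").write_text("console.log('app');\n")
    secret_dir = base / "secret"
    secret_dir.mkdir()
    secret = secret_dir / "id_rsa"
    secret.write_text("-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed, not a real key\n")
    return dist, secret


if __name__ == "__main__":
    dist, secret = build_fixture()
    for request_path in ("app.js", "dashboard",
                         "..%2Fsecret%2Fid_rsa", "%2E%2E%2Fsecret%2Fid_rsa"):
        print(f"{request_path:28} vulnerable -> {serve_vulnerable(dist, request_path)}")
        print(f"{'':28} hardened   -> {serve_hardened(dist, request_path)}")
```

The containment check has to run on the resolved path. A string-prefix comparison before resolve() would accept a sibling directory such as dist-secrets when the root is dist, and would not see through symlinks at all.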
HarborGuard Coverage
- Detection: Available
  Detection of CVE-2026-32847 is available across every HarborGuard environment. The CVE is ingested from upstream feeds within minutes of publication and matched against customer images in connected registries and CI/CD pipelines, including custom-built images that package DeepCode at any affected version up to and including commit c991dc2.
- Triage: Available
  Triage uses the CVSS v4.0 score of 8.7 (HIGH), weighted against each customer organization's per-environment compliance policy to determine priority. Findings are routable to the appropriate team inbox within each customer org based on configured ownership rules.
- Patched rebuild: Pending upstream
  Because no upstream fix version has been published for this CVE, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment an upstream fix is released. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will be triggered automatically at that point.
Exploit Conditions
- Network reachability: Required
  The vulnerable endpoint is exposed over the network; an attacker must be able to send HTTP GET requests to the DeepCode backend service.
- Authentication: Not required
  No credentials or session token are needed; the vulnerable catch-all route accepts unauthenticated requests.
- Victim interaction: Not required
  Exploitation is fully attacker-driven and requires no action from any user of the affected system.
- Attack complexity: Low
  The exploit is reliable and condition-free; encoding slashes and dots in the request path is sufficient to trigger the traversal, with no race condition or environmental dependency.
Blast Radius
- Reads arbitrary files from the host filesystem accessible to the DeepCode process, including SSH private keys and TLS certificates.
- Reads application secrets and configuration files stored outside the FRONTEND_DIST directory, such as environment files and credential stores.
- Exposes any file readable by the server process user, enabling downstream credential theft or lateral movement using harvested key material.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-32847 is active across customer environments scanning images that include DeepCode at or below version 1.2.0 or commit c991dc2. Because no upstream patch exists at this time, HarborGuard monitors the advisory on every ingest cycle and will make a patched-image rebuild available automatically once the upstream maintainers publish a fix. For customers with auto-remediation enabled, that rebuild will be followed immediately by a regression run and a PR opened against affected workloads. While no patch is available, compensating controls worth considering include: isolating the DeepCode backend behind a network policy that restricts inbound HTTP access to trusted sources only; rejecting, at the reverse-proxy layer, request paths that contain percent-encoded slashes or dot segments (%2F, %2E%2E), or disabling the SPA catch-all route there entirely if the application's functionality permits it; running the backend as a dedicated low-privilege user whose readable files do not include SSH keys, TLS private keys or shared credential stores, since the route exposes exactly what that user can read; and applying egress filtering so that, if key material is exfiltrated, the DeepCode host itself is not a useful pivot for lateral movement.
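Alongside the proxy-level gating above, a pass over the access log shows whether the route has already been probed. This is an added example, not HarborGuard's or DeepCode's code: it parses combined-format access log lines (constructed samples; the addresses, timestamps and sizes are made up), percent-decodes each request path for a bounded number of rounds so double-encoded variants are seen too, and flags paths that decode to a `..` segment or that carry encoded slashes or dots at all, since legitimate SPA asset requests do not encode those characters.

```python
"""Spot traversal probes against an SPA catch-all route in access logs.

Added example, not HarborGuard or DeepCode code. Legitimate SPA asset requests
do not carry percent-encoded slashes or dots, so a request path that decodes
to a '..' segment, or that contains %2F/%2E/%25 at all, is worth alerting on
at the reverse proxy or in log review. The log lines are constructed samples
in the combined log format; the IPs, timestamps and sizes are made up.
"""
import re
from typing import List, Optional, Tuple
from urllib.parse import unquote

# Request line inside a combined-format access log entry.
REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')
# A '..' segment bounded by slashes or by the ends of the path.
DOT_SEGMENT = re.compile(r"(^|/)\.\.(/|$)")
# Percent-encoded '.', '/' or '%' (the last one catches double encoding).
ENCODED_SEP_OR_DOT = re.compile(r"%(2e|2f|25)", re.IGNORECASE)

SAMPLE_LOG_LINES = [  # constructed, not from any real deployment
    '10.0.0.5 - - [12/Mar/2026:10:01:22 +0000] "GET /assets/app.js HTTP/1.1" 200 1234',
    '10.0.0.7 - - [12/Mar/2026:10:01:25 +0000] "GET /..%2F..%2F..%2Froot%2F.ssh%2Fid_rsa HTTP/1.1" 200 2610',
    '10.0.0.7 - - [12/Mar/2026:10:01:26 +0000] "GET /%2E%2E%2F%2E%2E%2Fetc%2Fssl%2Fprivate%2Fserver.key HTTP/1.1" 200 1704',
    '10.0.0.9 - - [12/Mar/2026:10:01:30 +0000] "GET /dashboard/settings HTTP/1.1" 200 512',
    '10.0.0.7 - - [12/Mar/2026:10:01:31 +0000] "GET /%252e%252e%252f.env HTTP/1.1" 200 311',
]


def decode_fully(path: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, with a bound so a
    hostile input cannot keep this looping."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def classify_path(raw_path: str) -> Optional[str]:
    """Return a reason string for a suspicious request path, or None."""
    query_stripped = raw_path.split("?", 1)[0]
    decoded = decode_fully(query_stripped)
    traversal = DOT_SEGMENT.search(decoded) is not None
    encoded = ENCODED_SEP_OR_DOT.search(query_stripped) is not None
    if traversal and encoded:
        return "percent-encoded dot-segment traversal"
    if traversal:
        return "plain dot-segment traversal"
    if encoded:
        return "encoded separator or dot in path"
    return None


def scan_access_log(lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line number, request path, reason) for each flagged entry."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_LINE.search(line)
        if not match:
            continue
        reason = classify_path(match.group("path"))
        if reason:
            hits.append((number, match.group("path"), reason))
    return hits


if __name__ == "__main__":
    for number, path, reason in scan_access_log(SAMPLE_LOG_LINES):
        print(f"line {number}: {reason}: {path}")
```

A 200 response on a flagged line is the signal that the traversal succeeded rather than merely being attempted; the response size then hints at what was read. Because the decode is bounded and applied only to the path, the check is cheap enough to run inline at the proxy as well as over historical logs.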
Metrics
- CVSS v4.0: 8.7
- Severity: HIGH
- Fixed in: none published
- Affected Products: 1
  - HKUDS / DeepCode: ≤ 1.2.0 · ≤ c991dc22e67958a031f2e20595128a6a5fbd8f3d
- Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N