CVE-2026-39844
NiceGUI: Upload filename sanitization bypass via backslashes allows path traversal on Windows
Description
### Summary The upload filename sanitization introduced in GHSA-9ffm-fxg3-xrhh uses `PurePosixPath(filename).name` to strip path components. Since `PurePosixPath` only recognizes forward slashes (`/`) as path separators, an attacker can bypass this sanitization on Windows by using backslashes (`\`) in the upload filename. Applications that construct file paths using `file.name` (a pattern demonstrated in NiceGUI's bundled examples) are vulnerable to arbitrary file write on Windows. ### Details The sanitization in `nicegui/elements/upload_files.py` uses: ```python filename = PurePosixPath(upload.filename or '').name ``` `PurePosixPath` treats backslashes as literal characters, not path separators: ```python >>> PurePosixPath('..\\..\\secret\\evil.txt').name '..\\..\\secret\\evil.txt' # Not stripped! ``` When this filename is used in a path operation on Windows (e.g., `Path('uploads') / file.name`), Windows `Path` interprets backslashes as directory separators, resolving the path outside the intended directory. ### Impact On Windows deployments of NiceGUI applications that use `file.name` in path construction: - **Arbitrary file write** outside the intended upload directory - **Potential remote code execution** through overwriting application files or placing executables in known locations - **Data integrity loss** through overwriting existing files Linux and macOS are not affected, as they treat backslashes as literal filename characters.
How to fix CVE-2026-39844
To remediate CVE-2026-39844, upgrade the affected package to a fixed version below.
- —upgrade to 3.10.0 or later
Is CVE-2026-39844 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.10.0