{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-58192","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-06-29T17:09:25.871Z","datePublished":"2026-07-08T20:56:30.810Z","dateUpdated":"2026-07-09T14:12:23.522Z"},"containers":{"cna":{"title":"Appium: Unauthenticated arbitrary file/directory deletion in @appium/storage-plugin","problemTypes":[{"descriptions":[{"cweId":"CWE-22","lang":"en","description":"CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-73","lang":"en","description":"CWE-73: External Control of File Name or Path","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":8.6,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N","version":"3.1"}}],"references":[{"name":"https://github.com/appium/appium/security/advisories/GHSA-jwgx-mp9m-jwcr","tags":["x_refsource_CONFIRM"],"url":"https://github.com/appium/appium/security/advisories/GHSA-jwgx-mp9m-jwcr"},{"name":"https://github.com/appium/appium/pull/22362","tags":["x_refsource_MISC"],"url":"https://github.com/appium/appium/pull/22362"},{"name":"https://github.com/appium/appium/commit/5fee01752f2782e96fbe64fd13520b433d4a7535","tags":["x_refsource_MISC"],"url":"https://github.com/appium/appium/commit/5fee01752f2782e96fbe64fd13520b433d4a7535"},{"name":"https://github.com/appium/appium/releases/tag/%40appium/storage-plugin%401.1.6","tags":["x_refsource_MISC"],"url":"https://github.com/appium/appium/releases/tag/%40appium/storage-plugin%401.1.6"}],"affected":[{"vendor":"appium","product":"appium","versions":[{"version":"< 1.1.6","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-07-08T20:56:30.810Z"},"descriptions":[{"lang":"en","value":"Appium is a cross-platform automation framework for all kinds of apps, built on top of the W3C WebDriver protocol. Prior to 1.1.6, the Appium storage plugin exposes POST /storage/delete, whose handler passes the user-supplied name value directly into path.join(storageRoot, name) and fs.rimraf() without path sanitization, allowing an unauthenticated remote client to escape the storage root with ../ sequences and recursively delete arbitrary writable files or directories. This issue is fixed in version 1.1.6."}],"source":{"advisory":"GHSA-jwgx-mp9m-jwcr","discovery":"UNKNOWN"}},"adp":[{"references":[{"url":"https://github.com/appium/appium/security/advisories/GHSA-jwgx-mp9m-jwcr","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-07-09T14:11:43.271551Z","id":"CVE-2026-58192","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-07-09T14:12:23.522Z"}}]}}