Vulnerabilities

Report: Update: CVE-2026-8770 - continuedev continue JSON-RPC Server lsTool.ts lsTool path traversal

2026-05-18 0 views admin

CVE ID :CVE-2026-8770 Published : May 18, 2026, 12:16 a.m. | 38 minutes ago Description :A vulnerability was identified in continuedev continue up to 1.2.22. This affects the function lsTool of the file core/tools/implementations/lsTool.ts of the component JSON-RPC Server. Such manipulation of the argument dirPath leads to path traversal. An attack has to be approached locally. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 3.3 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-8770

Severity

LOW

Published

May 18, 2026

Impact: path traversal

🏷️ Tags

reportupdatecontinuedevcontinueserverlstooltraversalpublishedcvecve-2026-8770

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: Update: CVE-2026-8770 - continuedev continue JSON-RPC Server lsTool.ts lsTool path traversal

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-29518 - Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

Report: CVE-2026-3593 - Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation - Full Analysis

Report: Ultimate Guide: CVE-2026-3592 - Amplification vulnerabilities via self-pointed glue records

Report: Ultimate Guide: CVE-2026-3039 - BIND 9 server memory exhaustion during GSS-API TKEY negotiation

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting