AGL app-framework-main Critical Zip Slip + TOCTOU Vulnerability (CVE-2026-37531)

The National Vulnerability Database has published CVE-2026-37531, a critical Zip Slip path traversal vulnerability combined with a Time-of-Check to Time-of-Use (TOCTOU) race condition in AGL app-framework-main versions up to and including 17.1.12. The flaw carries a CVSS base score of 9.8 (Critical) and lets an unauthenticated attacker who can submit a widget package write arbitrary files anywhere the installer's privileges reach on the filesystem.

The core issue lies in the widget installation flow. According to the NVD description, the is_valid_filename function only rejects absolute paths; it does not reject dot-dot ("..") components, so an archive entry whose name contains "../" passes validation. Crucially, extraction via zread happens before the package signature is verified. When the signature check then fails, the cleanup only removes the temporary work directory, and any file the traversal wrote outside that directory stays on the system. An attacker therefore obtains a file write before any authentication or cryptographic verification takes place, which is what makes the ordering a design flaw rather than a simple input-validation bug.

This is not just a theoretical weakness; it is a practical remote code execution vector. An attacker crafts a malicious widget, uses the traversal to drop an executable file or script into a location the system later runs, and then waits for or triggers its execution. Because the dropped files survive a failed signature check, defenders cannot rely on the cryptographic verification to prevent the initial compromise. This is a severe threat to the integrity and availability of affected systems.
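The following is an added example, not code from the AGL app-framework-main project. It shows a filename check that only refuses absolute paths (the weakness the advisory attributes to is_valid_filename) beside a hardened check that rejects every "." and ".." component, plus a create routine that opens each directory component under the work directory with O_NOFOLLOW, so that a symlink planted by an earlier archive entry cannot redirect a later write either (a related Zip Slip variant the advisory does not mention, included here as defense in depth). All function names and the sample entry names are hypothetical; the code targets Linux with glibc.

```c
/* Added example, not code from AGL app-framework-main. Function names
 * and sample entry names are hypothetical. Builds on Linux/glibc. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak check in the style the advisory describes: it rejects
 * "/etc/passwd" but accepts "../../etc/cron.d/pwn". */
int is_valid_filename_weak(const char *name)
{
    return name != NULL && name[0] != '\0' && name[0] != '/';
}

/* Hardened check: not absolute, no backslashes (some extractors treat
 * them as separators), and every '/'-separated component is non-empty
 * and neither "." nor "..". A trailing '/' is allowed because zip
 * directory entries carry one. */
int is_valid_filename_hardened(const char *name)
{
    if (name == NULL || name[0] == '\0' || name[0] == '/' || strchr(name, '\\'))
        return 0;
    const char *p = name;
    for (;;) {
        const char *q = strchr(p, '/');
        size_t len = q ? (size_t)(q - p) : strlen(p);
        if (len == 0)                                  /* "a//b" */
            return 0;
        if (len == 1 && p[0] == '.')                   /* "a/./b" */
            return 0;
        if (len == 2 && p[0] == '.' && p[1] == '.')    /* "a/../b" */
            return 0;
        if (q == NULL || q[1] == '\0')                 /* last component */
            return 1;
        p = q + 1;
    }
}

/* Create 'name' below workdirfd. Each intermediate directory is opened
 * with O_DIRECTORY|O_NOFOLLOW, so a symlink planted by an earlier archive
 * entry cannot redirect a later write outside the work directory, and the
 * final file is created with O_EXCL so an existing file or link is never
 * reused. Returns an fd (a file, or a directory for a trailing '/') that
 * the caller closes, or -1 on any refusal or error. */
int create_in_workdir(int workdirfd, const char *name)
{
    char buf[PATH_MAX];
    if (!is_valid_filename_hardened(name) || strlen(name) >= sizeof buf)
        return -1;
    strcpy(buf, name);
    int dirfd = dup(workdirfd);
    if (dirfd < 0)
        return -1;
    char *p = buf;
    char *slash;
    while ((slash = strchr(p, '/')) != NULL) {
        *slash = '\0';
        if (mkdirat(dirfd, p, 0700) < 0 && errno != EEXIST) {
            close(dirfd);
            return -1;
        }
        int next = openat(dirfd, p, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
        close(dirfd);
        if (next < 0)
            return -1;      /* ELOOP here means a symlink sat where a directory was expected */
        dirfd = next;
        p = slash + 1;
        if (*p == '\0')
            return dirfd;   /* directory entry such as "icons/" */
    }
    int fd = openat(dirfd, p, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
    close(dirfd);
    return fd;
}

int main(void)
{
    /* Constructed work directory and constructed archive entry names. */
    char tmpl[] = "/tmp/wgt-work-XXXXXX";
    if (mkdtemp(tmpl) == NULL)
        return 1;
    int workdirfd = open(tmpl, O_RDONLY | O_DIRECTORY);
    const char *entries[] = { "config.xml", "icons/app.png", "../../etc/cron.d/pwn" };
    for (size_t i = 0; i < sizeof entries / sizeof entries[0]; i++) {
        int fd = create_in_workdir(workdirfd, entries[i]);
        printf("%-24s weak=%d hardened=%d create=%s\n", entries[i],
               is_valid_filename_weak(entries[i]),
               is_valid_filename_hardened(entries[i]),
               fd >= 0 ? "ok" : "refused");
        if (fd >= 0)
            close(fd);
    }
    unlinkat(workdirfd, "icons/app.png", 0);
    unlinkat(workdirfd, "icons", AT_REMOVEDIR);
    unlinkat(workdirfd, "config.xml", 0);
    close(workdirfd);
    rmdir(tmpl);
    return 0;
}
```

The order of operations matters as much as the check: even with the hardened validation in place, extraction should only run after the signature has been verified, and a failed verification should leave nothing behind but an empty work directory.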

What This Means For You

  • If your organization uses AGL app-framework-main, assess your exposure to CVE-2026-37531 immediately. All versions up to and including 17.1.12 are affected, so upgrading to 17.1.12 does not help; move to a fixed release newer than 17.1.12 as soon as one is available. Until then, treat widget installation as a privileged operation and block widgets from untrusted sources at the point where packages enter the system, because the signature check runs too late to protect you. If you cannot confirm a fix is in place, assume compromise and audit the filesystem for unexpected files in critical directories, especially paths a widget installation could reach through traversal, such as startup and service configuration directories, scheduled-task directories, and directories on the executable search path.

Related ATT&CK Techniques: T1505.003 (Persistence), as mapped by the detection rule below.

🛡️ Detection Rules

Severity: critical. ATT&CK: T1505.003 (Persistence).

Sigma YAML, with the condition key moved under detection where Sigma requires it (the generated rule had it nested under selection, which makes the rule invalid):

title: CVE-2026-37531 - AGL app-framework-main Zip Slip and TOCTOU Widget Installation
id: scw-2026-05-01-ai-1
status: experimental
level: critical
description: |
  This rule detects the exploitation of CVE-2026-37531 in AGL app-framework-main. It specifically looks for the 'install-widget' command being executed by the AGL app-framework-main binary, combined with a '..' path traversal sequence in the TargetFilename, indicating a Zip Slip attack attempting to write files outside the intended directory. The TOCTOU race condition allows this to happen before signature verification.
author: SCW Feed Engine (AI-generated)
date: 2026-05-01
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-37531/
tags:
  - attack.persistence
  - attack.t1505.003
logsource:
  category: process_creation
detection:
  selection:
    Image|contains:
      - '/usr/bin/agl-app-framework-main'
    CommandLine|contains:
      - 'install-widget'
    TargetFilename|contains:
      - '../'
  condition: selection
falsepositives:
  - Legitimate administrative activity

Caveat before deploying this rule: it mixes fields from two log sources. Image and CommandLine come from process_creation events, while TargetFilename is a file_event field, so no single event carries all three and the selection will never match as written. Split it into a process_creation rule on Image and CommandLine and a file_event rule on Image plus a TargetFilename containing '../', or correlate the two on the process ID in your SIEM. The binary path and the 'install-widget' command string are the rule generator's assumptions about the deployment, not facts from the NVD entry; confirm the installer binary name and invocation on your own build before relying on them.

Source: Shimi's Cyber World

Indicators of Compromise

ID              Type            Indicator
CVE-2026-37531  Path Traversal  AGL app-framework-main through 17.1.12, CWE-22, vulnerable function: is_valid_filename in wgtpkg-zip.c
CVE-2026-37531  Race Condition  AGL app-framework-main through 17.1.12, CWE-367, vulnerable function: install_widget in wgtpkg-install.c (extraction via zread occurs BEFORE signature verification)
CVE-2026-37531  Code Injection  AGL app-framework-main through 17.1.12, vulnerable function: zread, using openat(workdirfd, filename, O_CREAT), allowing arbitrary file write
Source & Attribution

Source platform: NVD
Channel: National Vulnerability Database
Published: May 01, 2026 at 20:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
