CVE-2026-44225: Pulpy Packager Allows Arbitrary File Access
A critical vulnerability, CVE-2026-44225, has been identified in Pulpy, a desktop application packager for web apps. Prior to version 0.1.1, Pulpy injects a JavaScript API (pulpy.fs) into packaged web applications, granting them direct access to the host filesystem. While a validateFsPath() function was intended to sandbox this access, its blocklist is incomplete, rendering it ineffective.
This flaw means any web application packaged with Pulpy can read and write arbitrary files within a user’s home directory. The implications are severe: attackers could target sensitive files such as ~/.ssh/id_rsa, ~/.aws/credentials, and ~/Library/Keychains/, leading to credential theft, unauthorized cloud access, or further system compromise. The National Vulnerability Database has assigned this vulnerability a CVSS score of 9.3 (CRITICAL), highlighting its significant risk.
Defenders must recognize the profound impact of this type of arbitrary file access. It bypasses typical application sandboxing and moves directly to high-value targets. The attacker’s calculus here is simple: leverage a common packaging utility to gain a direct path to the crown jewels. Organizations using Pulpy for internal or external applications must immediately patch to version 0.1.1 or later to mitigate this critical risk.
What This Means For You
- If your organization uses Pulpy to package web applications, you are directly exposed to CVE-2026-44225. Immediately identify all applications built with Pulpy and verify they are running version 0.1.1 or newer. Prioritize patching, and in the interim, consider isolating systems running vulnerable Pulpy-packaged apps. Assume compromise of critical user credentials if unpatched versions are in use.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-44225: Pulpy Packager Arbitrary File Read of SSH Keys
title: CVE-2026-44225: Pulpy Packager Arbitrary File Read of SSH Keys
id: scw-2026-05-12-ai-1
status: experimental
level: critical
description: |
Detects attempts to read SSH private keys, a common target for attackers exploiting CVE-2026-44225. The Pulpy packager's flawed file access API allows arbitrary file reads, and SSH keys are high-value targets for credential theft and lateral movement.
author: SCW Feed Engine (AI-generated)
date: 2026-05-12
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-44225/
tags:
- attack.initial_access
- attack.t1190
logsource:
category: file_access
detection:
selection:
TargetFilename|contains:
- '/.ssh/id_rsa'
- '\.ssh\id_rsa'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-44225 | Information Disclosure | Pulpy desktop application packager prior to version 0.1.1 |
| CVE-2026-44225 | Path Traversal | Pulpy's pulpy.fs JavaScript API with incomplete validateFsPath() blocklist |
| CVE-2026-44225 | Information Disclosure | Access to host filesystem, specifically ~/.ssh/id_rsa, ~/.aws/credentials, and ~/Library/Keychains/ |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 12, 2026 at 23:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
Wing FTP Server RCE (CVE-2026-44403) Allows Admin Lua Injection
CVE-2026-44403 — Wing FTP Server 8.1.2 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary...
CVE-2026-44246: nnU-Net Agentic Workflow Injection Puts GitHub Workflows at Risk
CVE-2026-44246 — nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in...
CVE-2026-44240: basic-ftp Client-Side DoS Poses Risk to Node.js Applications
CVE-2026-44240 — basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline...