VYPR
High severityNVD Advisory· Published Mar 17, 2026· Updated Mar 17, 2026

Ray Dashboard <= 2.8.0 Path Traversal Leading to Local File Disclosure

CVE-2026-32981

Description

A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences (e.g., ../) to access files outside the intended static directory, resulting in local file disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
rayPyPI
< 2.8.12.8.1

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.