CVE-2026-39844

Severity: MEDIUM (5.9) | EPSS: 0.06%

NiceGUI: Upload filename sanitization bypass via backslashes allows path traversal on Windows

Published: 4/8/2026 | Modified: 4/9/2026

Description

### Summary

The upload filename sanitization introduced in GHSA-9ffm-fxg3-xrhh uses `PurePosixPath(filename).name` to strip path components. Since `PurePosixPath` only recognizes forward slashes (`/`) as path separators, an attacker can bypass this sanitization on Windows by using backslashes (`\`) in the upload filename. Applications that construct file paths using `file.name` (a pattern demonstrated in NiceGUI's bundled examples) are vulnerable to arbitrary file write on Windows.

### Details

The sanitization in `nicegui/elements/upload_files.py` uses:

```python
filename = PurePosixPath(upload.filename or '').name
```

`PurePosixPath` treats backslashes as literal characters, not path separators:

```python
>>> PurePosixPath('..\\..\\secret\\evil.txt').name
'..\\..\\secret\\evil.txt'  # not stripped
```

When this filename is used in a path operation on Windows (e.g., `Path('uploads') / file.name`), the Windows `Path` implementation interprets backslashes as directory separators, resolving the path outside the intended directory.

### Impact

On Windows deployments of NiceGUI applications that use `file.name` in path construction:

- **Arbitrary file write** outside the intended upload directory
- **Potential remote code execution** through overwriting application files or placing executables in known locations
- **Data integrity loss** through overwriting existing files

Linux and macOS are not affected, as they treat backslashes as literal filename characters.
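The following is an added example, not NiceGUI's code or its published fix: it places the `PurePosixPath`-based check described above beside a sanitizer that strips components under both separator conventions, and simulates the Windows join `Path('uploads') / name` with `PureWindowsPath` so the behaviour can be checked on any platform. The sample filenames are constructed; `safe_name`, `stays_in_upload_dir` and `audit` are names chosen for this example.

```python
from pathlib import PurePosixPath, PureWindowsPath

# Constructed sample upload filenames; the backslash case is the one from the advisory.
SAMPLES = [
    "report.txt",
    "../../etc/passwd",
    "..\\..\\secret\\evil.txt",
    "C:\\Windows\\win.ini",
    "dir/..\\evil.txt",
]

def vulnerable_name(filename: str) -> str:
    """The check the advisory describes: PurePosixPath only splits on '/'."""
    return PurePosixPath(filename or "").name

def safe_name(filename: str) -> str:
    """Keep only the last component under either separator convention."""
    # PureWindowsPath splits on both '\\' and '/' and discards drive and root
    # prefixes on every platform, so .name is always a bare component.
    name = PureWindowsPath(filename or "").name
    # Empty and dot-only results would otherwise be reused as a filename.
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError(f"rejected upload filename: {filename!r}")
    return name

def is_rejected(filename: str) -> bool:
    """True if safe_name() refuses the filename outright."""
    try:
        safe_name(filename)
    except ValueError:
        return True
    return False

def stays_in_upload_dir(upload_dir: str, name: str) -> bool:
    """Simulate Path(upload_dir) / name with Windows path semantics."""
    # Safe only if the join yields exactly (upload_dir, name): no '..', no
    # extra directory levels, no drive or root that replaces upload_dir.
    return (PureWindowsPath(upload_dir) / name).parts == (upload_dir, name)

def audit(upload_dir: str = "uploads") -> dict:
    """Map each sample to (contained after vulnerable check, contained after safe_name)."""
    return {
        raw: (stays_in_upload_dir(upload_dir, vulnerable_name(raw)),
              stays_in_upload_dir(upload_dir, safe_name(raw)))
        for raw in SAMPLES
    }
```

Calling `audit()` shows the first two samples contained under both checks and the three backslash or drive-prefixed samples escaping the upload directory under the `PurePosixPath` check only.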

Affected packages (1)

CVSS scores

| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |

References (5)