dagu — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in dagu, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-33344	Dagu has an incomplete fix for CVE-2026-27598: path traversal via %2F-encoded slashes in locateDAG CWE-22	8.1	High	2026-03-24
CVE-2026-31886	Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution CWE-22	9.1	Critical	2026-03-13
CVE-2026-31882	Dagu SSE Authentication Bypass in Basic Auth Mode CWE-306	7.5	High	2026-03-13
CVE-2026-27598	Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory CWE-22	8.8	-	2026-02-25

All 4 known CVE vulnerabilities affecting dagu with full Chinese analysis, references, and POCs where available.