CVE-2026-27199

MEDIUM

Werkzeug < 3.1.6 - Denial of Service via Windows Device Name Path Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-27199. PoCs published by XiaomingX, alimezar.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2026-27199, demonstrating a bypass in Werkzeug's `safe_join()` function on Windows that allows access to device files (e.g., NUL) via nested path segments. The PoC includes a Python script that tests the vulnerability and confirms silent data loss when writing to a bypassed device path.

Description

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safe_join accepts paths with multiple segments, such as example/NUL. The function send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely. This issue has been fixed in version 3.1.6.

Exploits (2)

github WORKING POC 10 stars
by XiaomingX · pythonpoc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-27199

This repository contains a functional proof-of-concept exploit for CVE-2026-27199, demonstrating a bypass in Werkzeug's `safe_join()` function on Windows that allows access to device files (e.g., NUL) via nested path segments. The PoC includes a Python script that tests the vulnerability and confirms silent data loss when writing to a bypassed device path.

Classification
Working Poc 100%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Werkzeug < 3.1.6
No auth needed
Prerequisites: Windows OS · Python 3.8+ · Werkzeug < 3.1.6
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WORKING POC
by alimezar · poc
https://github.com/alimezar/CVE-2026-27199-werkzeug-safe-join-bypass-PoC

This repository contains a functional proof-of-concept exploit for CVE-2026-27199, demonstrating a bypass in Werkzeug's `safe_join()` function on Windows systems. The exploit shows how nested device names (e.g., 'subdir/NUL') bypass the security check, leading to silent data loss or indefinite read hangs.

Classification
Working Poc 100%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Werkzeug < 3.1.6
No auth needed
Prerequisites: Windows OS · Python 3.8+ · Werkzeug < 3.1.6
devstral-2 · analyzed Feb 22, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 5.3
EPSS 0.0003
EPSS Percentile 8.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-67
Status published
Products (2)
palletsprojects/werkzeug < 3.1.6
pypi/werkzeug 0 - 3.1.6PyPI
Published Feb 21, 2026
Tracked Since Feb 21, 2026