Home / Vulnerability Intelligence / CVE-2026-32981

CVE-2026-32981 - Vulnerability Analysis

HighCVSS: 7.5

Last Updated: March 19, 2026

Ray Dashboard - Path Traversal

Published: March 17, 2026Updated: March 19, 2026PoC AvailableRemote Exploitable

Overview

Ray Dashboard < 2.8.1 contains a path traversal caused by improper validation of user-supplied paths in static file handling, letting attackers access files outside intended directories, exploit requires network access.

Severity & Score

Severity: High

CVSS Score: 7.5

EPSS Score: 6.5%(Probability of exploitation in next 30 days)

Impact

Attackers can access arbitrary local files, leading to sensitive information disclosure.

Mitigation

Update to version 2.8.1 or later.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 17, 2026

🟠 CVE-2026-32981 - High (7.5) A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traver... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32981/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-32981
Severity: High
CVSS Score: 7.5
Type: path_traversal
Status: confirmed
EPSS: 6.5%
Social Posts: 1

CWE

CWE-22

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

6.5%Probability of exploitation in the next 30 days