Paperclip: Arbitrary File Read via Agent-Controlled adapterConfig.instructionsFilePath
- Severity:
- Medium
Description
Paperclip contains an arbitrary file read vulnerability that allows an attacker with an Agent API key to read files from the Paperclip server host filesystem. The vulnerability occurs because agents are allowed to modify their own adapterConfig through the /agents/:id API endpoint. The configuration field adapterConfig.
Recommendation
Update the @paperclipai/shared package to the latest compatible version. Followings are version details:
- Affected version(s): < 2026.416.0
- Patched version(s): 2026.416.0
References
Related Issues
- Paperclip: Privilege Escalation via Agent-Controlled workspaceStrategy.provisionCommand Leading to OS Command Execution - CVE-2026-41208
- @saltcorn/server arbitrary file zip read and download when downloading auto backups - Vulnerability
- Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket - CVE-2026-39363
- Paperclip: Approval decision attribution spoofing via client-controlled `decidedByUserId` in paperclip server - Vulnerability
You might also like:
- Tags:
- npm
- @paperclipai/shared
Anything's wrong? Let us know Last updated on April 16, 2026