{"vulnerability": "cve-2026-46383", "sightings": [{"uuid": "a6755183-2b5d-43dc-a1cc-61a521e3065c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-46383", "type": "published-proof-of-concept", "source": "https://github.com/microsoft/apm/security/advisories/GHSA-mq5j-pw29-jcv3", "content": "", "creation_timestamp": "2026-05-11T14:08:53.000000Z"}, {"uuid": "72b0c696-46ac-423d-ab9b-dc7dc05d52bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-46383", "type": "seen", "source": "https://gist.github.com/alon710/603dfdf0e01af88d7ae6413c9f3332fe", "content": "# CVE-2026-46383: Arbitrary File Overwrite via Path Traversal (TarSlip) in Microsoft APM\n\n> **CVSS Score:** 5.5\n> **Published:** 2026-05-15\n> **Full Report:** https://cvereports.com/reports/CVE-2026-46383\n\n## Summary\nA path traversal vulnerability exists in the legacy-bundle probing logic of Microsoft APM, an open-source dependency manager for AI agents. On Windows systems using Python versions prior to 3.12, this allows local attackers to overwrite arbitrary files via a crafted tarball.\n\n## TL;DR\nMicrosoft APM < 0.13.0 on Windows is vulnerable to an arbitrary file overwrite during archive extraction. Exploitation requires user interaction to install a crafted tarball.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CVE ID**: CVE-2026-46383\n- **CWE ID**: CWE-22\n- **CVSS Score**: 5.5\n- **Attack Vector**: Local (User Interaction Required)\n- **Impact**: High Integrity (Arbitrary File Overwrite)\n- **Exploit Status**: Proof of Concept\n- **CISA KEV**: Not Listed\n\n## Affected Systems\n\n- Microsoft APM on Windows environments using Python < 3.12\n- **microsoft/apm**: < 0.13.0 (Fixed in: `0.13.0`)\n\n## Mitigation\n\n- Upgrade the software dependency\n- Upgrade the Python runtime environment\n- Implement strict source validation for installed bundles\n- Enforce least privilege execution\n\n**Remediation Steps:**\n1. Identify all deployments of microsoft/apm currently in use.\n2. Update the package to version 0.13.0 using the appropriate package manager.\n3. Ensure the host system is running Python 3.12 or later to benefit from native extraction filters.\n4. Audit the filesystem for unexpectedly modified files if untrusted bundles were installed prior to patching.\n\n## References\n\n- [GHSA-mq5j-pw29-jcv3](https://github.com/microsoft/apm/security/advisories/GHSA-mq5j-pw29-jcv3)\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-46383) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-15T18:40:29.000000Z"}]}
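The TarSlip class of bug described in the sighting above, and the "native extraction filters" the remediation step refers to, as an added example. This is not code from the sighting, the gist, or Microsoft APM; the page does not show APM's actual probing logic, so the check below is a generic one. It builds a constructed bundle containing one legitimate file plus four escape attempts (POSIX `../`, Windows-style `..\..\`, an absolute path, and a symlink pointing outside the destination), then extracts it with a pre-check that treats backslashes as separators on every host, which is the case a POSIX-only `..` check misses on Windows. Where the standard library offers `tarfile.data_filter` (Python 3.12+, and also the 3.8.17/3.9.17/3.10.12/3.11.4 security backports of PEP 706), `extractall(..., filter="data")` is applied as well as a second layer. Member names, file contents and the destination directory are all made up for the demonstration.

```python
from __future__ import annotations

import io
import os
import posixpath
import tarfile
import tempfile
from typing import Optional


def _normalize(name: str) -> str:
    # Treat backslash as a separator regardless of host OS. "..\\..\\x" is an
    # ordinary filename on Linux but escapes the destination on Windows, so a
    # portable check must reject it everywhere rather than trust os.sep.
    return name.replace("\\", "/")


def _escapes(path: str) -> bool:
    # After normpath, anything that still starts with ".." climbs above dest.
    norm = posixpath.normpath(path)
    return norm == ".." or norm.startswith("../")


def is_unsafe_member(member: tarfile.TarInfo) -> Optional[str]:
    """Return a reason if extracting `member` could touch anything outside the
    destination, else None.  Pure path logic, no filesystem access."""
    name = _normalize(member.name)
    if posixpath.isabs(name) or (len(name) > 1 and name[1] == ":"):
        return "absolute path"               # "/etc/x", "C:/x", "//srv/share/x"
    if _escapes(name):
        return "parent traversal"
    if member.issym():
        # Symlink targets resolve relative to the link's own directory.
        target = _normalize(member.linkname)
        if posixpath.isabs(target) or _escapes(posixpath.join(posixpath.dirname(name), target)):
            return "link target escapes destination"
    elif member.islnk():
        # Hard-link targets are archive-relative paths.
        if _escapes(_normalize(member.linkname)):
            return "link target escapes destination"
    elif not (member.isfile() or member.isdir()):
        return "special file"                # devices / fifos: never extract
    return None


def safe_extract(archive: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract `archive` into `dest`; return (extracted names, rejected 'name: reason')."""
    os.makedirs(dest, exist_ok=True)
    rejected: list[str] = []
    safe: list[tarfile.TarInfo] = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:*") as tf:
        for m in tf.getmembers():
            reason = is_unsafe_member(m)
            (rejected.append(f"{m.name}: {reason}") if reason else safe.append(m))
        if hasattr(tarfile, "data_filter"):
            # PEP 706 filter present: let the stdlib re-check every member too.
            tf.extractall(dest, members=safe, filter="data")
        else:
            # Older interpreter without the backport: our pre-check is all there is.
            tf.extractall(dest, members=safe)
    return [m.name for m in safe], rejected


def build_crafted_bundle() -> bytes:
    """Constructed sample archive: one legitimate file plus four escape attempts."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        def add(name: str, data: bytes) -> None:
            ti = tarfile.TarInfo(name)
            ti.size = len(data)
            tf.addfile(ti, io.BytesIO(data))

        add("bundle/apm.yml", b"name: demo\n")      # legitimate (hypothetical) file
        add("../../evil.txt", b"owned\n")           # POSIX traversal
        add("..\\..\\evil.txt", b"owned\n")         # Windows-style separators
        add("/etc/evil.txt", b"owned\n")            # absolute path
        link = tarfile.TarInfo("bundle/escape")     # symlink climbing out of dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../../outside"
        tf.addfile(link)
    return buf.getvalue()


def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "install")
        extracted, rejected = safe_extract(build_crafted_bundle(), dest)
        benign_present = os.path.isfile(os.path.join(dest, "bundle", "apm.yml"))
    return {"extracted": extracted, "rejected": rejected, "benign_present": benign_present}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The pre-check is deliberately stricter than the stdlib `data` filter on POSIX (it rejects the backslash variant even where the host would treat it as a plain filename), because a bundle format that is meant to install on Windows should never carry such names in the first place.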