What the vulnerability does
01Description
ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal.
CVE-2026-22070
HIGH
CVE-2026-22070: ColorOS Assistant Path Traversal Vulnerability
CVSS base score
7.1/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:H
Key dates
02Disclosure timeline
April 30, 2026
CVE published
April 30, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-0511 AM Java Policy Agent path traversal
CVE-2025-64714 PrivateBin's template-switching feature allows arbitrary local file inclusion through path traversal
CVE-2025-10203 Relative Path Traversal Vulnerability in Digilent WaveForms
CVE-2026-43616 Detect-It-Easy < 3.21 Path Traversal Arbitrary File Write
CVE-2026-33733 EspoCRM has Admin TemplateManager path traversal that allows arbitrary file read write and delete
