CVSS 8.4 HIGH Vulnerability

CVE-2026-46345: compliance-trestle - jinja has an Arbitrary File Write via Path Traversal


CVSS Score: 8.4 | Severity: HIGH | CISA KEV: No | Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-46345
Vendor: pip
Affected Product: compliance-trestle
Vulnerability Type: Vulnerability
CVSS Score: 8.4 (HIGH)
Actively Exploited: No known exploitation
Patch Status: See vendor advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

trestle author jinja

---

Relevant Products/Components:
* trestle/core/commands/author/jinja.py

Detailed Description: The -o/--output argument in trestle author jinja allows writing files outside the intended workspace. The application does not properly validate:
* ../
* ..\
* absolute paths

This allows arbitrary file write to attacker-controlled locations.

Vulnerable code:
```python
# unvalidated join: '..' is never normalised and an absolute right-hand operand replaces trestle_root
output_file = trestle_root / r_output_file
```

An attacker can overwrite files such as:
* .github/workflows/*.yml
* .git/hooks/*
* user writable config files

This can lead to CI/CD compromise or local code execution.

---

Steps To Reproduce:
1. Clone the repository:
```bash
git clone https://github.com/oscal-compass/compliance-trestle.git
cd compliance-trestle
```
2. Create template:
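To make the defect concrete, here is an added example (not trestle's code and not the project's fix) that places the advisory's join beside a hardened variant: `escapes_workspace` reports whether the vulnerable join lands outside the workspace, and `safe_output_path` rejects absolute, drive-qualified and `..` input (splitting on both `/` and `\`) and then confirms containment after symlink resolution. The function names and the `/tmp/trestle-ws` workspace path are constructed for the demo.

```python
from pathlib import Path, PureWindowsPath


def vulnerable_output_path(trestle_root: str, r_output_file: str) -> Path:
    """The join quoted in the advisory: pathlib keeps '..' as-is and an
    absolute right-hand operand simply replaces trestle_root."""
    return Path(trestle_root) / r_output_file


def escapes_workspace(trestle_root: str, r_output_file: str) -> bool:
    """True when the vulnerable join resolves to a location outside the root."""
    root = Path(trestle_root).resolve()
    target = vulnerable_output_path(trestle_root, r_output_file).resolve()
    return root not in (target, *target.parents)


def safe_output_path(trestle_root: str, r_output_file: str) -> Path:
    """Hardened variant (added here; not trestle's own fix). PureWindowsPath
    splits on '/' and '\\', so '..\\' is rejected on POSIX as well, where it
    would otherwise be a harmless single file name."""
    candidate = PureWindowsPath(r_output_file)
    if candidate.drive or candidate.root:
        raise ValueError(f"absolute output path rejected: {r_output_file!r}")
    if not candidate.parts or ".." in candidate.parts:
        raise ValueError(f"unsafe output path rejected: {r_output_file!r}")
    root = Path(trestle_root).resolve()
    target = root.joinpath(*candidate.parts).resolve()
    if root not in target.parents:  # resolve() may follow a symlink out of root
        raise ValueError(f"output path escapes workspace: {target}")
    return target


def is_safe_output(trestle_root: str, r_output_file: str) -> bool:
    """Boolean wrapper for callers that prefer a check to an exception."""
    try:
        safe_output_path(trestle_root, r_output_file)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    WS = "/tmp/trestle-ws"  # constructed workspace path for the demo
    for rel in ("docs/out.md", "../outside.md", "..\\outside.md", "/tmp/elsewhere/out.md"):
        print(f"{rel!r:26} vulnerable join escapes={escapes_workspace(WS, rel)} "
              f"hardened accepts={is_safe_output(WS, rel)}")
```

Note that on POSIX the `..\` form does not traverse with the vulnerable join (the backslash is part of the file name), which is exactly why a portable check should treat both separators the same.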

🎯 Known Indicators of Compromise

URL: https://github.com/oscal-compass/compliance-trestle.git (confidence score 0.82, first seen 2026-05-29, source count 1)
