Path Traversal Flaw in Rembg Tool by Daniel Gatis
CVE-2026-40086

5.3 MEDIUM

Key Information:

CVE Published: 10 April 2026

What is CVE-2026-40086?

Rembg, a tool for background removal, contains a path traversal vulnerability in its HTTP server that affects all versions prior to 2.0.75. An unauthenticated attacker can send a crafted request whose 'model_path' parameter points outside the intended location, causing the server to operate on arbitrary files on the host. The resulting error messages disclose whether a file exists and what permissions it has, leaking sensitive information. The flaw is patched in version 2.0.75, and users should update immediately.
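
The 'model_path' handling described above is where a directory allow-list check belongs. The following is an added example, not rembg's own code and not the fix shipped in 2.0.75 (which the advisory does not describe): it shows how a server can confine an untrusted path parameter to one directory, normalising '..' segments and absolute paths before the comparison, and return a single uniform error so the response no longer reveals whether a file exists or what its permissions are. MODELS_DIR, resolve_model_path, is_safe_model_path, handle_model_param and the sample values are assumptions for illustration.

```python
"""Confining an untrusted 'model_path' request parameter to one directory.

Added example; not rembg's code. All names and values are illustrative.
"""
import logging
from pathlib import Path

log = logging.getLogger("model_path_guard")

# Assumed allow-listed directory: every model file must live below it.
MODELS_DIR = Path("/srv/rembg/models")


class InvalidModelPath(ValueError):
    """Raised for any rejected value, whatever the reason."""


def resolve_model_path(user_value: str, models_dir: Path = MODELS_DIR) -> Path:
    """Return the resolved path if it lies inside models_dir, else raise.

    The comparison is made on the resolved path, so '..' segments, absolute
    inputs and symlinks are all normalised before the check; the caller
    cannot tell from the exception which rule was violated.
    """
    if not user_value or "\x00" in user_value:
        raise InvalidModelPath("empty or NUL-containing value")
    base = models_dir.resolve()
    # An absolute user_value replaces `base` when joined, so resolving the
    # joined path and checking its parents catches that case as well.
    candidate = (base / user_value).resolve()
    # Requiring `base` among the parents also rejects candidate == base,
    # i.e. values like '.' that name the directory itself.
    if base not in candidate.parents:
        raise InvalidModelPath("path escapes the models directory")
    return candidate


def is_safe_model_path(user_value: str, models_dir: Path = MODELS_DIR) -> bool:
    """Boolean form of the check, convenient for tests and request filters."""
    try:
        resolve_model_path(user_value, models_dir)
    except InvalidModelPath:
        return False
    return True


def handle_model_param(user_value: str, models_dir: Path = MODELS_DIR):
    """Map the parameter to an HTTP-style (status, body) pair.

    The precise rejection reason goes to the server log only; the client
    always receives the same fixed message, so the response cannot be used
    to probe for files outside the allowed directory.
    """
    try:
        path = resolve_model_path(user_value, models_dir)
    except InvalidModelPath as exc:
        log.warning("rejected model_path %r: %s", user_value, exc)
        return 400, "invalid model_path"
    return 200, path.name


if __name__ == "__main__":
    # Constructed sample inputs: two that stay inside the directory after
    # normalisation, three that do not.
    for value in ("u2net.onnx", "sub/../u2net.onnx", "../../etc/passwd", "/etc/hostname", "."):
        print(f"{value!r:>22} -> {handle_model_param(value)}")
```

The check must run on the resolved path, not on the raw string: rejecting only values that start with '..' would still let 'sub/../../etc/passwd' through, while the parents test above handles it and absolute inputs alike.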

Affected Version(s)

rembg < 2.0.75

CVSS V3.1

Score: 5.3
Severity: MEDIUM
Confidentiality: Low
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved