Imagine handing a stranger the keys to your filing cabinet when you only meant to give them a single folder — that's essentially what this vulnerability does to thousands of developer servers right now.
Who's at Risk — and How Bad Is It?
The Wish library, built by the team at Charm, is a popular open-source toolkit that lets developers quickly spin up custom SSH servers in Go. It's used broadly across developer tooling, internal platforms, self-hosted cloud services, and hobbyist projects — anywhere a developer wants to stand up a secure, accessible server quickly without reinventing the wheel. If your team ships any kind of SSH-accessible service built on Wish version 2.0.0, you are currently running a server with a critical-rated hole in it.
The vulnerability carries a CVSS score of 9.6 out of 10, placing it firmly in "drop everything and patch" territory. While there are no confirmed active exploits in the wild at the time of writing, a score this high — combined with a straightforward attack technique — means that changes quickly. Security teams typically have a very short window before proof-of-concept code appears publicly and opportunistic attackers start scanning.
What an Attacker Can Actually Do
To understand the danger, picture a library that lets you share files with guests. You've set up a special guest room — a single, restricted folder — and told visitors they can only touch what's inside that room. Now imagine a guest discovers that if they ask for a file using a cleverly worded path — something like "go up two floors, turn left, open that door" — the library ignores your rules entirely and fetches whatever they asked for, from anywhere in the building. That's a path traversal attack in plain English, and it's exactly what's happening here.
In this case, the attack happens over SCP — the file-copying protocol that piggybacks on SSH connections. A malicious client connects to your Wish-powered server and sends specially crafted filenames that contain navigational shortcuts like ../ (which means "go up one directory level" in file system language). By chaining several of these together, an attacker can escape the safe sandbox the server administrator configured and reach the wider file system. The consequences are severe in three directions: they can read any file the server process has access to (think configuration files, private keys, database credentials), they can write arbitrary files anywhere on disk (think malicious scripts, backdoors, or corrupted data), and they can create directories outside the intended root. Any one of these alone would be serious. All three together is a full server compromise waiting to happen.
What makes this particularly dangerous for teams running internal developer tooling is the trust model. SSH servers inside a company network are often granted elevated permissions, sit behind minimal monitoring, and are accessed by engineers who assume the channel is inherently safe. An attacker who gains a foothold — even a low-privileged internal user — could pivot through this vulnerability to steal credentials that unlock far broader access across the organization.
The Technical Detail That Matters
For security researchers and engineers auditing their stack: the vulnerable component is the SCP middleware specifically, located in charm.land/wish/v2. The vulnerability class is path traversal via unsanitized filename handling in the SCP protocol handler. The library failed to sanitize or canonicalize filenames received from connecting clients before using them to resolve file system paths, allowing ../ sequences to escape the configured root directory. It affects versions 2.0.0 up to (but not including) 2.0.1. The fix, introduced in 2.0.1, enforces proper path sanitization before any file operation is performed. This is tracked as CVE-2026-41589.
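As an added illustration, not the library's own code, the following Go snippet places the flawed join-without-check pattern beside a resolver that confines every client-supplied SCP name to the configured root; the root path and filenames are constructed examples.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a client-supplied SCP name would
// resolve to a location outside the configured root directory.
var ErrOutsideRoot = errors.New("scp: path escapes configured root")

// naiveResolve shows the flawed pattern: the client-controlled name is
// joined onto the root with no check that the result stays under it.
// filepath.Join cleans ".." segments, so "../../etc/passwd" walks
// straight out of the root. (Illustrative reconstruction, not Wish's code.)
func naiveResolve(root, clientName string) string {
	return filepath.Join(root, clientName)
}

// safeResolve confines the result to root: join and clean as before, then
// require that the path relative to root does not start with "..". A bare
// ".." and "../x" are rejected; "a/../b" is accepted because it never leaves
// the root once cleaned, and a legitimate name like "..hidden" is accepted.
func safeResolve(root, clientName string) (string, error) {
	root = filepath.Clean(root)
	// An absolute client name is treated as relative to root rather than
	// as an address on the real filesystem.
	joined := filepath.Join(root, clientName)
	rel, err := filepath.Rel(root, joined)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	// Symlinks beneath root are not followed here; a production check
	// would also run the result through filepath.EvalSymlinks.
	return joined, nil
}

func main() {
	root := "/srv/scp-root" // constructed example root
	for _, name := range []string{"docs/readme.txt", "a/../b.txt", "../../etc/passwd", ".."} {
		got, err := safeResolve(root, name)
		fmt.Printf("%-18q naive=%-24s safe=%q err=%v\n", name, naiveResolve(root, name), got, err)
	}
}
```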
What We Know About Discovery and Exploitation
The vulnerability was patched by the Charm team in version 2.0.1. At the time of publication, there is no confirmed active exploitation in the wild, and no known victim organizations or attack campaigns have been attributed to this flaw. However, the security community's standard guidance applies here with extra urgency: a CVSS 9.6 with a well-understood attack class and a public CVE identifier is a combination that attracts attention fast. Path traversal vulnerabilities are among the most consistently exploited categories of bugs — they're easy to understand, easy to automate into scanners, and devastatingly effective when they land. The window between "no known exploitation" and "actively exploited in the wild" can be measured in days, not weeks.
What You Need to Do Right Now
If you're running any Go application that uses the Wish SSH library, take these three steps today:
- Update to Wish v2.0.1 immediately. Run go get charm.land/wish/v2@v2.0.1 in your project directory, then rebuild and redeploy your application. This is the only complete fix. There is no workaround that provides equivalent protection — if you're using the SCP middleware on version 2.0.0, you are exposed until you upgrade.
- Audit your server's access logs for suspicious SCP activity. Look for file transfer requests that contain ../ or ..\ sequences in the requested filename fields. If you find them, treat it as a potential incident — rotate any credentials or private keys stored on that server, review what files may have been read or modified, and consider your server compromised until proven otherwise.
- Review the permissions of the process running your Wish server. As a defense-in-depth measure, ensure your SSH server process runs as a dedicated low-privilege user with access only to the files it genuinely needs. This won't fix the vulnerability, but it limits the blast radius if any similar flaw surfaces in the future — and it's good security hygiene regardless.
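To support the log audit in the second step, here is an added Go example (not part of the original advisory or of Wish) that flags log lines whose requested filename carries a traversal component; the log line format and its entries are constructed placeholders, so adapt the extraction to your server's actual logging.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// nameField pulls the requested filename out of one log line. The format
// (... op=recv name="<path>") is a constructed placeholder, not Wish's own.
var nameField = regexp.MustCompile(`name="([^"]*)"`)

// hasTraversal reports whether a requested filename contains a ".." path
// component. Splitting on both "/" and "\" covers the "../" and "..\"
// sequences named in the audit step, a component check also catches a name
// ending in "..", and a legitimate name such as "..hidden" is not flagged.
func hasTraversal(name string) bool {
	isSep := func(r rune) bool { return r == '/' || r == '\\' }
	for _, seg := range strings.FieldsFunc(name, isSep) {
		if seg == ".." {
			return true
		}
	}
	return false
}

// flagTraversal returns every line whose name field holds a traversal
// component; lines without a name field are skipped.
func flagTraversal(lines []string) []string {
	var hits []string
	for _, line := range lines {
		if m := nameField.FindStringSubmatch(line); m != nil && hasTraversal(m[1]) {
			hits = append(hits, line)
		}
	}
	return hits
}

// sampleLog is constructed for this example and is not real server output.
var sampleLog = []string{
	`2026-05-02T10:11:12Z scp user=alice remote=10.0.0.5 op=recv name="reports/q1.csv"`,
	`2026-05-02T10:11:40Z scp user=bob remote=10.0.0.9 op=recv name="../../etc/passwd"`,
	`2026-05-02T10:12:03Z scp user=bob remote=10.0.0.9 op=send name="notes/..hidden.txt"`,
	`2026-05-02T10:12:30Z scp user=bob remote=10.0.0.9 op=send name="docs\..\..\secrets.env"`,
	`2026-05-02T10:13:01Z sshd session opened for user carol`,
}

func main() {
	for _, l := range flagTraversal(sampleLog) {
		fmt.Println("SUSPICIOUS:", l)
	}
}
```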
CVE-2026-41589 | CVSS 9.6 (Critical) | Affects: charm.land/wish/v2 version 2.0.0 | Fixed in: 2.0.1 | No active exploitation confirmed at time of publication.