GHSA-2h46-9x5w-4wf7: Entire CLI: Path traversal in checkpoint session metadata allows arbitrary file write during resume/rewind
A path traversal vulnerability in Entire CLI allows an attacker with push access to the checkpoints repository to craft malicious checkpoint metadata that causes the `entire session resume` or `entire checkpoint rewind` commands to write attacker-controlled transcript data outside the expected session directory.
The issue occurs because checkpoint metadata is fetched from the remote `entire/checkpoints/v1` branch and its SessionID field was used to construct filesystem paths without validation on the restore path. A malicious SessionID containing an absolute path or path traversal sequences (such as `../`) could therefore cause arbitrary files on the victim's machine to be overwritten with attacker-controlled content.
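The following Go example is added here to illustrate the bug class; it is not Entire CLI's own code. The session directory layout, the function names (`sessionDirUnsafe`, `sessionDirSafe`) and the SessionID allow-list pattern are assumptions chosen for the demonstration. It contrasts the vulnerable pattern, a SessionID taken from the remote branch and joined straight into a local path, with a restore path that allow-lists the identifier and then verifies the resolved directory is still inside the sessions tree.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// ErrBadSessionID is returned for any SessionID that must not reach the filesystem.
var ErrBadSessionID = errors.New("invalid session id")

// sessionIDPattern is an assumed allow-list: exactly one path component, no
// separators and no leading dot, so "..", "/" and "\" can never appear in it.
var sessionIDPattern = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_-]{0,127}$`)

// sessionDirUnsafe mirrors the vulnerable pattern: a SessionID read from the
// remote checkpoint branch is joined into the local sessions directory as-is.
// filepath.Join cleans the result, so ".." components walk out of sessionsDir.
func sessionDirUnsafe(sessionsDir, sessionID string) string {
	return filepath.Join(sessionsDir, sessionID)
}

// sessionDirSafe validates the untrusted SessionID, then confirms that the
// resolved directory is still inside sessionsDir before returning it.
func sessionDirSafe(sessionsDir, sessionID string) (string, error) {
	if !sessionIDPattern.MatchString(sessionID) {
		return "", fmt.Errorf("%w: %q", ErrBadSessionID, sessionID)
	}
	base, err := filepath.Abs(sessionsDir)
	if err != nil {
		return "", err
	}
	dir := filepath.Join(base, sessionID)
	// Containment check as defense in depth: the path from base to dir must not
	// begin with "..", otherwise dir lies outside the sessions tree.
	rel, err := filepath.Rel(base, dir)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("%w: %q resolves outside %s", ErrBadSessionID, sessionID, base)
	}
	return dir, nil
}

func main() {
	base := "/home/victim/.entire/sessions"
	// Constructed SessionIDs: one benign, then the two shapes the advisory names.
	// Note that filepath.Join keeps an absolute component under base; the
	// allow-list rejects it regardless, since other code paths may not join.
	for _, id := range []string{"sess-01HZX3K9Q2", "../../.bashrc", "/etc/cron.d/entire"} {
		fmt.Printf("unsafe %-22q -> %s\n", id, sessionDirUnsafe(base, id))
		if dir, err := sessionDirSafe(base, id); err != nil {
			fmt.Printf("safe   %-22q -> rejected: %v\n", id, err)
		} else {
			fmt.Printf("safe   %-22q -> %s\n", id, dir)
		}
	}
}
```

With the traversal identifier, `sessionDirUnsafe` resolves to `/home/victim/.bashrc`, which is exactly the "write outside the session directory" the advisory describes once transcript data is written there. Rejecting the identifier before it touches the filesystem is the primary fix; the containment check after joining catches any future code path that bypasses the allow-list.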