CVE-2025-6278 | Upsonic up to 0.55.6 markdown/server.py os.path.join file.filename path traversal (Issue 356)

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal.

This vulnerability was named CVE-2025-6278. The attack needs to be initiated within the local network. Furthermore, there is an exploit available.VulDB Recent EntriesRead More