CVE-2025-59352 | Dragonfly up to 2.0.x gRPC API/HTTP APIs path traversal (GHSA-79hx-3fp8-hj66)

September 18, 2025 Yanac

A vulnerability was found in Dragonfly up to 2.0.x. It has been rated as critical. The affected element is an unknown function of the component gRPC API/HTTP APIs. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-59352. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More