CVE-2025-65345 | alexusmai laravel-file-manager up to 3.3.1 ZIP path traversal

December 4, 2025 Yanac

A vulnerability classified as critical was found in alexusmai laravel-file-manager up to 3.3.1. This impacts an unknown function of the component ZIP Handler. Executing manipulation can lead to path traversal.

This vulnerability is tracked as CVE-2025-65345. The attack is only possible within the local network. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-66293 | pnggroup libpng up to 1.6.51 Simplified API png_sRGB_base out-of-bounds (ID 764)
CVE-2025-65096 | rommapp romm up to 4.4.0/4.4.1-beta.1 access control (GHSA-5ghc-8wr3-788c)