CVE-2025-10854 | neuml txtai up to 9.0.0 TAR File symlink

September 22, 2025 Yanac

A vulnerability described as critical has been identified in neuml txtai up to 9.0.0. This vulnerability affects unknown code of the component TAR File Handler. The manipulation results in symlink following.

This vulnerability was named CVE-2025-10854. The attack may be performed from remote. There is no available exploit.

A patch should be applied to remediate this issue.VulDB Recent EntriesRead More

CVE-2025-8079 | Akıllı Ticaret Software Technologies Smart Trade E-Commerce prior 4.5.0.0.1 cross site scripting
CVE-2025-9983 | GALAYOU G2 11.100001.01.28 missing authentication