{ "affected": [ { "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "37cdc28ceb46e505d25221584daf1fe61e26b2cc" } ], "repo": "https://github.com/cinnamon/kotaemon", "type": "GIT" } ] } ], "aliases": [ "GHSA-jw4w-xcvf-jq5x" ], "database_specific": { "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-22" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53358.json" }, "details": "kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the index_fn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to traverse directories (e.g. ../../../../../.env) and exfiltrate sensitive files. This issue has been patched via commit 37cdc28, in version 0.10.7 which has not been made public at time of publication.", "id": "CVE-2025-53358", "modified": "2026-04-01T23:08:40.381287776Z", "published": "2025-07-02T15:38:35.195Z", "references": [ { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/53xxx/CVE-2025-53358.json" }, { "type": "ADVISORY", "url": "https://github.com/Cinnamon/kotaemon/security/advisories/GHSA-jw4w-xcvf-jq5x" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53358" }, { "type": "FIX", "url": "https://github.com/Cinnamon/kotaemon/commit/37cdc28ceb46e505d25221584daf1fe61e26b2cc" }, { "type": "FIX", "url": "https://github.com/Cinnamon/kotaemon/pull/755" } ], "schema_version": "1.7.3", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ], "summary": "kotaemon Vulnerable to Path Traversal via Link Upload" }