CVE-2025-61586 | THREATINT

Description

FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below are vulnerable to directory enumeration by setting path in theme field, allowing attackers to gain additional information about the server by checking if certain directories exist. This issue is fixed in version 1.27.0.

PUBLISHED Reserved 2025-09-26 | Published 2025-09-29 | Updated 2025-09-30 | Assigner GitHub_M

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

< 1.27.0

affected

References

github.com/...eshRSS/security/advisories/GHSA-w35p-p867-qr4f

github.com/FreshRSS/FreshRSS/pull/7722

github.com/...ommit/6549932d59aef3b72a9da29294af0f30ffb77af5

cve.org (CVE-2025-61586)

nvd.nist.gov (CVE-2025-61586)

Download JSON