CVE-2025-66645
π΄ HIGHNiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary fil...
Description
Request Expert ReviewNiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
CVSS Scores
References
Additional Information
- Source
- security-advisories@github.com
- State
- Awaiting analysis
Related CVEs
CVE-2026-0837
HIGHA vulnerability was identified in UTT θΏε 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of...
CVE-2026-0836
HIGHA vulnerability was determined in UTT θΏε 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW...
CVE-2025-15505
LOWA vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function of the component Web Administration Interface. The...
CVE-2026-0824
LOWA security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results...
CVE-2026-0822
MEDIUMA vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The mani...
CVE-2025-13393
MEDIUMThe Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.3.1. This...
Share CVE-2025-66645
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-66645 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!