CVE-2025-66449HIGH 8.8EPSS p47.3%

CVE-2025-66449CVE-2025-66449

Description

ConvertXis a self-hosted online file converter. In versions prior to 0.16.0, the endpoint `/upload` allows an authenticated user to write arbitrary files on the system, overwriting binaries and allowing code execution. The upload function takes `file.name` directly from user supplied data without doing any sanitization on the name thus allowing for arbitrary file write. This can be used to overwrite system binaries with ones provided from an attacker allowing full code execution. Version 0.16.0 contains a patch for the issue.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.67% probability of exploitation · percentile 47.3% · 2026-06-18T12:00:27Z
Published2025-12-16
Last modified2026-01-07

Underlying weaknesses· 3

CWE-22CWE-73CWE-434

References

  1. https://github.com/C4illin/ConvertX/blob/4ae2aab66ace7cdcc14c5a16ecaaf2372b9ccbdf/src/pages/upload.tsx#L27-L30
  2. https://github.com/C4illin/ConvertX/commit/550f472451755d095cf5802bc91f403e85b7129e
  3. https://github.com/C4illin/ConvertX/security/advisories/GHSA-cpww-gwgc-p72r
  4. https://github.com/C4illin/ConvertX/security/advisories/GHSA-cpww-gwgc-p72r

3

TypeTargetConfidenceTier
WeaknessImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')cwe-220%live
WeaknessUnrestricted Upload of File with Dangerous Typecwe-4340%live
WeaknessExternal Control of File Name or Pathcwe-730%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-24741
CVE
CVE-2025-63994
CVE
CVE-2025-69621
CVE
CVE-2025-69981
CVE
CVE-2025-60947
CVE
CVE-2025-3115
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.