CVE-2026-25057 · CRITICAL 9.1 · EPSS p36.9%

Description

MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration (courses/<:course_id>/assignments/upload_config_files). The entry names in the uploaded zip file are used to build the paths that files are written to on disk, and these paths are not checked. This vulnerability is fixed in 2.9.1.
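
The check the description says was missing, as an added Ruby example (not MarkUs code and not the 2.9.1 patch): each zip entry name is resolved against the extraction directory and rejected if the result falls outside it. The destination directory, entry names and function names are constructed for illustration.

```ruby
# Added illustration; not MarkUs code. All names and paths are constructed.

# What the description warns about: the entry name is joined to the
# destination and used as-is, so ".." segments decide where the write lands.
def unchecked_entry_path(dest_dir, entry_name)
  File.expand_path(File.join(dest_dir, entry_name))
end

# Returns the absolute path for an entry, or nil if it would leave dest_dir.
# The check is lexical only: it does not resolve symlinks already on disk.
def safe_entry_path(dest_dir, entry_name)
  base = File.expand_path(dest_dir)
  # Treat backslashes as separators so "..\\x" is judged like "../x".
  name = entry_name.tr('\\', '/')
  return nil if name.empty? || name.include?("\0")
  # Absolute paths and drive-letter prefixes never belong in an archive.
  return nil if name.start_with?('/') || name.match?(/\A[A-Za-z]:/)
  # Joining before expanding keeps a leading "~" from being home-expanded.
  target = File.expand_path(File.join(base, name))
  # Compare against base plus a separator so a sibling directory such as
  # "<base>_other" does not pass a plain prefix test.
  return nil unless target.start_with?(base + File::SEPARATOR)
  target
end

# Splits entry names into [accepted, rejected] for a given destination.
def partition_entries(dest_dir, entry_names)
  entry_names.partition { |n| safe_entry_path(dest_dir, n) }
end

DEST = '/srv/example/assignment_import'   # constructed destination
SAMPLE_ENTRIES = [                         # constructed entry names
  'config/properties.yml',
  'nested/../inside.txt',
  '../../outside.txt',
  'nested/../../outside.txt',
  '../assignment_import_other/file.txt',
  '/abs/outside.txt',
  '..\\..\\outside.txt'
].freeze

if __FILE__ == $PROGRAM_NAME
  accepted, rejected = partition_entries(DEST, SAMPLE_ENTRIES)
  accepted.each { |n| puts "write  #{safe_entry_path(DEST, n)}" }
  rejected.each { |n| puts "reject #{n.inspect}" }
end
```

Run the check on every entry before any file or directory is created, and reject the whole upload if any entry fails it.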

Scoring

CVSS 3.1: 9.1 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.47% probability of exploitation · percentile 36.9% · 2026-06-18T12:00:27Z
Published: 2026-02-09
Last modified: 2026-02-19

Underlying weaknesses · 1

CWE-23

References

  1. https://github.com/MarkUsProject/Markus/commit/0ca002a1f0071c7a00dbb2ed34fede57323c5dc7
  2. https://github.com/MarkUsProject/Markus/releases/tag/v2.9.1
  3. https://github.com/MarkUsProject/Markus/security/advisories/GHSA-mccg-p332-252h

Type: Weakness
Target: Relative Path Traversal (cwe-23)
Confidence: 0%
Tier: live

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.