Description

A directory traversal (Zip Slip) vulnerability exists in the “Static Sites” feature of 66biolinks v44.0.0 by AltumCode. Uploaded ZIP archives are automatically extracted without validating or sanitizing file paths. An attacker can include traversal sequences (e.g., ../) in ZIP entries to write files outside the intended extraction directory. This allows static files (html, js, css, images) file write to unintended locations, or overwriting existing HTML files, potentially leading to content defacement and, in certain deployments, further impact if sensitive files are overwritten.

INFO

Published Date :

2026-01-28T00:00:00.000Z

Last Modified :

2026-02-02T15:51:24.053Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-69601 vulnerability.

Vendors Products
Altumcode
  • 66biolinks
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-69601.

URL Resource
https://gist.github.com/Waqar-Arain/9cd59aa74de540eeb3b09d15bac35e36 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact