Vulnerability Database

296,748

Total vulnerabilities in the database

CVE-2025-54796

Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled (which is the default), an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9.

Published: Aug 4, 2025
Updated: Aug 13, 2025
CVE: CVE-2025-54796
GHSA: GHSA-5662-2rj7-f2v6
Severity: High
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-400
CWE-833
CWE-1333

Affected Software
References

Software	From	Fixed in
copyparty	-	1.18.9

https://github.com/9001/copyparty/commit/09910ba80784c3980947d92f45db696398c0fd83
https://github.com/9001/copyparty/releases/tag/v1.18.9
https://github.com/9001/copyparty/security/advisories/GHSA-5662-2rj7-f2v6

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo