Vulnerability Database

308,485

Total vulnerabilities in the database

CVE-2025-58753

Copyparty is a portable file server. In versions prior to 1.19.8, there was a missing permission-check in the shares feature (the shr global-option). When a share was created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames. It was not possible to descend into subdirectories in this manner; only the sibling files were accessible. This issue did not affect filekeys or dirkeys. Version 1.19.8 fixes the issue.

Published: Sep 9, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-58753
GHSA: GHSA-pxvw-4w88-6x95
Severity: Medium
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

Affected Software
References

Software	From	Fixed in
copyparty	-	1.19.8
9001 / copyparty	-	1.19.8

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo