CVE-2025-10236
BaseFortify
Publication date: 2025-09-11
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| binary-husky | gpt_academic | to 3.91 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-10236 is a path traversal vulnerability in the gpt_academic software (up to version 3.91), specifically in the merge_tex_files_ function of the latex_toolbox.py file. The vulnerability occurs because the function improperly handles the \input{} directive in LaTeX files, failing to sanitize file paths. This allows an attacker to craft malicious input with directory traversal sequences (like ../) to access arbitrary files on the server or local filesystem remotely. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to read sensitive or confidential files on the server or system where the vulnerable software is running. Since the attack can be launched remotely with low complexity, it poses a risk to confidentiality. There is no impact on integrity or availability reported. The exploit is publicly available, increasing the risk of exploitation. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by analyzing the usage of the `merge_tex_files_` function in the `latex_toolbox.py` file for improper sanitization of the `\input{}` argument. On your system, you can search for `.tex` files that contain suspicious `\input{}` directives with directory traversal patterns such as `../`. For example, you can use the following command to find such patterns in `.tex` files: `grep -r '\\input{\.\./' /path/to/tex/files`. Additionally, monitoring logs for unusual file access patterns or attempts to read files outside expected directories may help detect exploitation attempts. Since a public proof-of-concept exploit is available, testing with crafted `.tex` files containing traversal sequences can also confirm vulnerability presence. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of affected versions of gpt_academic (up to 3.91) and considering alternative products or updated versions if available. Since the vendor has not provided any patches or mitigations, users should restrict access to the vulnerable application, especially limiting remote access. Implementing input validation or sanitization on the `\input{}` argument to prevent directory traversal sequences is recommended if you can modify the source code. Monitoring and blocking suspicious file access attempts can also reduce risk. [2]