VYPR
Medium severity · OSV Advisory · Published Aug 9, 2025 · Updated Apr 15, 2026

CVE-2025-55149

Description

Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research—from ideation to implementation, writing, and review. In versions 0.1.1 and below, a critical path traversal vulnerability has been identified in the review_paper function in backend/app.py. The vulnerability allows malicious users to access arbitrary PDF files on the server by providing crafted file paths that bypass the intended security restrictions. This vulnerability allows attackers to: read any PDF file accessible to the server process, potentially access sensitive documents outside the intended directory and perform reconnaissance on the server's file system structure. This issue does not currently have a fix.
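A hardened form of the path mapping described above, added here as an example and not code from the Tiny-Scientist project; the helper names (resolve_pdf_path, demo), the constant API_PREFIX and the temporary directory layout are assumptions. It goes beyond a plain string-prefix check by resolving symlinks and comparing whole path components, so a sibling directory such as generated_other is not mistaken for generated.

```python
import os
import tempfile
from typing import Optional

# Assumed constant: the URL prefix the advisory describes for generated files.
API_PREFIX = "/api/files/"


def resolve_pdf_path(pdf_path: str, generated_base: str) -> Optional[str]:
    """Map an /api/files/<relative> request path onto a file under generated_base.

    Returns the resolved absolute path, or None when the request must be refused
    (wrong prefix, '..' traversal out of the base, or a symlink that escapes it).
    """
    if not pdf_path.startswith(API_PREFIX):
        return None
    relative = pdf_path[len(API_PREFIX):]
    # realpath resolves '..' segments and symlinks, so a link planted inside
    # the base directory cannot redirect the check outside it.
    base = os.path.realpath(generated_base)
    candidate = os.path.realpath(os.path.join(base, relative))
    # commonpath compares whole components; a bare str.startswith prefix test
    # would accept a sibling directory whose name merely begins with 'generated'.
    try:
        if os.path.commonpath([base, candidate]) != base:
            return None
    except ValueError:  # paths on different drives (Windows)
        return None
    return candidate


def demo() -> dict:
    """Exercise the helper against a constructed directory tree."""
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "generated")
        os.makedirs(os.path.join(base, "paper"))
        os.makedirs(os.path.join(root, "generated_other"))
        os.makedirs(os.path.join(root, "secrets"))
        ok_file = os.path.join(base, "paper", "draft.pdf")
        open(ok_file, "w").close()
        # Constructed symlink inside the base that points outside it.
        os.symlink(os.path.join(root, "secrets"), os.path.join(base, "link"))
        return {
            "normal": resolve_pdf_path(API_PREFIX + "paper/draft.pdf", base)
            == os.path.realpath(ok_file),
            "dotdot": resolve_pdf_path(API_PREFIX + "../secrets/x.pdf", base),
            "sibling": resolve_pdf_path(API_PREFIX + "../generated_other/x.pdf", base),
            "symlink": resolve_pdf_path(API_PREFIX + "link/x.pdf", base),
            "absolute": resolve_pdf_path("/etc/passwd", base),
        }
```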

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: tiny-scientist (PyPI)
Affected versions: <= 1.1.0
Patched versions: (none listed)

Affected products: 1

Patches: 1

7fd428736030

fix(security): fix cwe-22 security error (#301)

1 file changed · +10 −4
  • backend/app.py (+10 −4, modified)
    @@ -734,20 +734,26 @@ def review_paper() -> Union[Response, tuple[Response, int]]:
             return jsonify({"error": "No PDF path provided"}), 400
     
         try:
    -        # Convert API path to absolute path
    +        # Convert API path to absolute path with security checks
             if pdf_path.startswith("/api/files/"):
                 # Remove /api/files/ prefix
                 relative_path = pdf_path[len("/api/files/") :]
                 generated_base = os.path.join(project_root, "generated")
    -            absolute_pdf_path = os.path.join(generated_base, relative_path)
    +            absolute_pdf_path = os.path.abspath(os.path.join(generated_base, relative_path))
    +            
    +            # Security check: ensure the file is within the allowed directory
    +            if not absolute_pdf_path.startswith(os.path.abspath(generated_base)):
    +                return jsonify({"error": "Access denied - path traversal not allowed"}), 403
             else:
    -            absolute_pdf_path = pdf_path
    +            # For security, only allow paths that start with /api/files/
    +            # This prevents arbitrary file access on the server
    +            return jsonify({"error": "Invalid path - only /api/files/ paths are allowed"}), 403
     
             print(f"Reviewing paper at: {absolute_pdf_path}")
     
             # Check if file exists
             if not os.path.exists(absolute_pdf_path):
    -            return jsonify({"error": f"PDF file not found: {absolute_pdf_path}"}), 404
    +            return jsonify({"error": "PDF file not found"}), 404
             reviewer_model = session.get("model", "deepseek-chat")  # Get model from session
             print("🔍 Starting paper review...")
             reviewer = Reviewer(
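Review bot: the containment check `if not absolute_pdf_path.startswith(os.path.abspath(generated_base)):` compares a string prefix rather than path components, so a sibling directory whose name begins with `generated` (for example `generated_old`) would pass, and `os.path.abspath` does not resolve symlinks, so a link inside `generated` that points elsewhere is not caught either. Compare whole components instead, e.g. `os.path.commonpath([base, absolute_pdf_path]) == base` with both sides passed through `os.path.realpath`, or at minimum require `absolute_pdf_path == base or absolute_pdf_path.startswith(base + os.sep)`. The new `else` branch also changes the function's contract (bare filesystem paths were previously accepted via `absolute_pdf_path = pdf_path` and now return 403), which deserves a note in the function's docstring or the changelog.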
    

