High severityOSV Advisory· Published Dec 4, 2025· Updated Dec 5, 2025
CVE-2025-65346
CVE-2025-65346
Description
alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
alexusmai/laravel-file-managerPackagist | <= 3.3.1 | — |
Affected products
2- Range: 1.0.0, 1.0.1, 1.0.2, …
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.