VYPR

Psitransfer

by Psi 4ward

npm: psitransfer

Source repositories

CVEs (3)

  • CVE-2026-41180HigApr 23, 2026
    risk 0.42cvss 7.5epss 0.00

    PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under `/files/:uploadId` validates the mounted request path using the still-encoded `req.path`, but the downstream tus handler later writes using the decoded…

  • CVE-2024-31454MedApr 9, 2024
    risk 0.35cvss 6.5epss 0.01

    PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this…

  • CVE-2024-31453MedApr 9, 2024
    risk 0.35cvss 6.5epss 0.01

    PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which allows users to create a path for uploading a file in a file distribution, allows an attacker to add arbitrary files to the distribution.…