{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T12:45:22.857","vulnerabilities":[{"cve":{"id":"CVE-2025-54796","sourceIdentifier":"security-advisories@github.com","published":"2025-08-02T00:15:26.550","lastModified":"2025-09-12T16:13:54.597","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the \"Recent Uploads\" page allows arbitrary RegExes. If this feature is enabled (which is the default), an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9."},{"lang":"es","value":"Copyparty es un servidor de archivos portátil. En versiones anteriores a la 1.18.9, el parámetro de filtro de la página \"Subidas recientes\" permite expresiones regulares arbitrarias. Si esta función está habilitada (por defecto), un atacante puede manipular un filtro que bloquee el servidor. Esto se solucionó en la versión 1.18.9."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-833"},{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:9001:copyparty:*:*:*:*:*:*:*:*","versionEndExcluding":"1.18.9","matchCriteriaId":"BCFBCFBD-9305-4DBD-92B6-29B6F8FDF5B2"}]}]}],"references":[{"url":"https://github.com/9001/copyparty/commit/09910ba80784c3980947d92f45db696398c0fd83","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/9001/copyparty/releases/tag/v1.18.9","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/9001/copyparty/security/advisories/GHSA-5662-2rj7-f2v6","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/9001/copyparty/security/advisories/GHSA-5662-2rj7-f2v6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}