{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T23:01:35.957","vulnerabilities":[{"cve":{"id":"CVE-2025-55149","sourceIdentifier":"security-advisories@github.com","published":"2025-08-09T03:15:47.770","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research—from ideation to implementation, writing, and review. In versions 0.1.1 and below, a critical path traversal vulnerability has been identified in the review_paper function in backend/app.py. The vulnerability allows malicious users to access arbitrary PDF files on the server by providing crafted file paths that bypass the intended security restrictions. This vulnerability allows attackers to: read any PDF file accessible to the server process, potentially access sensitive documents outside the intended directory and perform reconnaissance on the server's file system structure. This issue does not currently have a fix."},{"lang":"es","value":"Tiny-Scientist es un framework ligero para automatizar todo el ciclo de vida de la investigación científica, desde la ideación hasta la implementación, la redacción y la revisión. En las versiones 0.1.1 y anteriores, se identificó una vulnerabilidad de path traversal crítico en la función review_paper de backend/app.py. Esta vulnerabilidad permite a usuarios maliciosos acceder a archivos PDF arbitrarios en el servidor al proporcionar rutas de archivo manipuladas que eluden las restricciones de seguridad previstas. Esta vulnerabilidad permite a los atacantes leer cualquier archivo PDF accesible al proceso del servidor, acceder potencialmente a documentos confidenciales fuera del directorio previsto y realizar un reconocimiento de la estructura del sistema de archivos del servidor. Este problema no tiene solución actualmente. "}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/ulab-uiuc/tiny-scientist/security/advisories/GHSA-rrgf-hcr9-jq6h","source":"security-advisories@github.com"}]}}]}