CVE-2025-10951

Name of the Vulnerable Software and Affected Versions geyang ml-logger versions prior to acf255bade5be6ad88d90735c8367b28cbe3a743

Description A path traversal issue exists in the log handler function within the ml logger/server.py file. Manipulation of the File argument can lead to unauthorized file access. This issue is potentially exploitable remotely and an exploit is publicly available.

Recommendations Update to a version later than acf255bade5be6ad88d90735c8367b28cbe3a743. As a temporary workaround, restrict access to the ml logger/server.py file. Avoid using the File parameter in the log handler function until the issue is resolved.