PT-2026-26592 · Unknown · Stirling-Pdf
Sy460129 · Published 2026-03-20 · Updated 2026-03-22 · CVE-2026-27625
CVSS v3.1: 8.1 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Stirling-PDF versions prior to 2.5.2
Description
Stirling-PDF is a locally hosted web application used for PDF file operations. Versions prior to 2.5.2 have an issue where the /api/v1/convert/markdown/pdf endpoint does not properly validate paths when extracting entries from user-supplied ZIP files. This allows an authenticated user to write files outside the intended temporary directory, resulting in arbitrary file write with the privileges of the stirlingpdfuser process. This can lead to overwriting writable files and compromising data integrity. The vulnerable parameter is the ZIP file provided to the /api/v1/convert/markdown/pdf endpoint.
Recommendations
Update Stirling-PDF to version 2.5.2 or later.
Exploit
Fix
Relative Path Traversal
Path traversal
Affected Products
Stirling-Pdf