cvedb.io
CVE-2025-27409
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2025-04-30T15:16:01.067 · Last modified 2026-06-17T09:03:31.997

Summary

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, path traversal is possible in Joplin Server if static file path starts with `css/pluginAssets` or `js/pluginAssets`. The `findLocalFile` function in the `default route` calls `localFileFromUrl` to check for special `pluginAssets` paths. If the function returns a path, the result is returned directly, without checking for path traversal. The vulnerability allows attackers to read files outside the intended directories. This issue has been patched in version 3.3.3.

Affected products

joplin_project — joplin

Does this affect you?

Add your gear to cvedb and we'll alert you only when joplin_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.