CVE-2025-31134: FreshRSS vulnerable to directory enumeration via ext.php

5.5 CVSS

Description

FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for example, check if older PHP versions are installed or if certain software is installed on the server and potentially use that information to further attack the server. Version 1.26.2 contains a patch for the issue.

Classification

CVE ID: CVE-2025-31134

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.5

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Problem Types

CWE-201: Insertion of Sensitive Information Into Sent Data

Affected Products

Vendor: FreshRSS

Product: FreshRSS

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.4% (scored less or equal to compared to others)

EPSS Date: 2025-06-07 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-31134
https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-jjm2-4hf7-9x65
https://github.com/FreshRSS/FreshRSS/commit/4568111c00813756a3a34a381d684b8354fc4438

Timeline

2025-06-04 20:40:22 UTC
CVE

FreshRSS vulnerable to directory enumeration via ext.php