
CVE-2025-11849: Mammoth is vulnerable to Directory Traversal

CVSS Score (v3.1): 9.3

Basic Information

EPSS Score: 0.46869%
Published: 10/17/2025
Updated: 10/17/2025
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| mammoth | npm | >= 0.3.25, < 1.11.0 | 1.11.0 |
| org.zwobble.mammoth:mammoth | maven | < 1.11.0 | 1.11.0 |
| mammoth | pip | >= 0.3.25, < 1.11.0 | 1.11.0 |
| Mammoth | nuget | < 1.11.0 | 1.11.0 |

Vulnerability Intelligence

Miggo AI Root Cause Analysis: In progress

WAF Protection Rules

WAF Rule

Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulner

Reasoning

No analysis available