LOW 3.6
CVE-2025-55188
7-Zip before 25.01 does not always properly handle symbolic links during extraction.
CVSS v3
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
EPSS
0.1%
percentile 19.7%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| 7-zip | 7-zip | Windows | <25.01 | cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:* |