CVE-2025-27519
Published: 07 March 2025
Summary
CVE-2025-27519 is a critical-severity Path Traversal (CWE-22) vulnerability in Github (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, it ranks in the top 14.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Cognita, an open source RAG framework for building modular production applications, contains a path traversal vulnerability at the /v1/internal/upload-to-local-directory endpoint. The issue is present when the Local environment variable is set to true, which occurs in the project's Docker deployment that also enables uvicorn auto-reload on the backend server. An attacker who can reach the endpoint can overwrite arbitrary files such as /app/backend/__init__.py; because the server reloads on change, the overwritten code executes and yields remote code execution inside the container. The flaw is tracked as CWE-22 and carries a CVSS 4.0 score of 9.3.
Any unauthenticated network attacker can exploit the upload endpoint to achieve full remote code execution within the Docker container, allowing arbitrary command execution, data exfiltration, or further lateral movement from the compromised service.
The vulnerability is fixed in commit a78bd065e05a1b30a53a3386cc02e08c317d2243, with the corresponding pull request and detailed analysis published in the GitHub Security Lab advisory GHSL-2024-193.
The associated EPSS score has remained flat at 0.0258 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-7790
Vulnerability details
Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is set up using Docker. Because the Docker environment sets up the backend uvicorn server with auto reload enabled, when an attacker overwrites the /app/backend/__init__.py file, the file will automatically be reloaded and executed. This allows an attacker to get remote code execution in the context of the Docker container. This vulnerability is fixed in commit a78bd065e05a1b30a53a3386cc02e08c317d2243.
- CWE(s): CWE-22 (Path Traversal)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.
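The control above, worked through in code. This is an added example written for this page, not Cognita's code and not the fix in the referenced commit: it contrasts the weak pattern (joining a user-supplied name onto an upload directory without validation, which honours `..` segments and absolute paths) with a hardened check that accepts only a single path component and confirms, after resolving symlinks, that the target still lies inside the upload root. The upload directory and the file names are constructed for illustration.

```python
"""Upload-name validation against CWE-22 (added example, not the project's code).

Contrasts an unvalidated join with a hardened check that only accepts a plain
file name resolving inside the intended upload root.
"""
import os
from pathlib import Path, PurePosixPath


class PathTraversalError(ValueError):
    """Raised when a supplied name would place the file outside the upload root."""


def naive_join(upload_root: str, filename: str) -> str:
    """The weak pattern: join without validation.

    os.path.join honours '..' segments and replaces the root entirely when the
    second argument is absolute, so the result can land anywhere on disk.
    """
    return os.path.normpath(os.path.join(upload_root, filename))


def safe_upload_path(upload_root: str, filename: str) -> Path:
    """Hardened version: return the resolved target or raise PathTraversalError.

    Checks, in order:
      1. the name is non-empty and not a reserved entry ('.' or '..')
      2. the name is exactly one path component (no '/', '\\' or NUL)
      3. the resolved target is still inside the resolved upload root, which
         also catches a single-component name that is a symlink pointing out
    """
    if not filename or filename in {".", ".."}:
        raise PathTraversalError(f"empty or reserved filename: {filename!r}")
    if "\\" in filename or "\x00" in filename:
        raise PathTraversalError(f"illegal character in filename: {filename!r}")
    # Parse as POSIX so '/' is split consistently on every host OS, then
    # require a single component ('/etc/x' -> ('/', 'etc', 'x'), rejected).
    parts = PurePosixPath(filename).parts
    if len(parts) != 1 or parts[0] in {"/", "..", "."}:
        raise PathTraversalError(f"filename must be a single component: {filename!r}")
    root = Path(upload_root).resolve()
    target = (root / parts[0]).resolve()
    # Containment check after symlink resolution on both sides.
    if not target.is_relative_to(root):
        raise PathTraversalError(f"{filename!r} resolves outside {root}")
    return target


def is_safe_name(upload_root: str, filename: str) -> bool:
    """Convenience wrapper: True if the hardened check accepts the name."""
    try:
        safe_upload_path(upload_root, filename)
        return True
    except PathTraversalError:
        return False


if __name__ == "__main__":
    # Constructed upload root and sample names; nothing is written to disk.
    root = "/srv/uploads"
    samples = ["report.txt", "../../outside.txt", "/etc/hostname", "sub/dir.txt", "..", ""]
    for name in samples:
        print(f"{name!r:22} naive -> {naive_join(root, name):28} hardened -> "
              f"{'accept' if is_safe_name(root, name) else 'reject'}")
```

The single-component rule is deliberately stricter than a pure containment check: an upload endpoint has no reason to accept directory separators in a file name, and rejecting them early keeps the containment check as a second line of defence rather than the only one.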