CVE-2025-65713

Published: Dec 23, 2025

Modified: Dec 23, 2025

PUBLISHED

Description

Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/home-assistant/core/pull/150046

https://gist.github.com/GenoWang/7359360285e0fe21a7a58d10ff71d032

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-65713

Description

Affected Products

References