CVE-2025-25185: GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not prope
Summary
CVE-2025-25185 is a vulnerability in GPT Academic (version 3.91 and earlier) where the software does not properly handle soft links (symbolic links: special files that point to other files). An attacker can create a malicious soft link and upload it inside a compressed tar.gz file. When the server decompresses the archive, the extracted soft link points to sensitive files on the victim's server, allowing the attacker to read all server files.
Solution / Mitigation
A patch is available at https://github.com/binary-husky/gpt_academic/commit/5dffe8627f681d7006cebcba27def038bb691949
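One way to guard archive extraction against the link members described in the summary, shown as an added example (it is not the linked patch or GPT Academic's own code). The function names are hypothetical, the sample archives are constructed, and it assumes uploads should contain only regular files and directories.

```python
import io
import os
import tarfile


def unsafe_members(tar: tarfile.TarFile, dest: str) -> list[str]:
    """Return reasons to refuse extraction; an empty list means acceptable."""
    root = os.path.realpath(dest)
    problems = []
    for m in tar.getmembers():
        target = os.path.realpath(os.path.join(root, m.name))
        if m.issym() or m.islnk():
            problems.append(f"{m.name}: link member -> {m.linkname}")
        elif not (m.isfile() or m.isdir()):
            problems.append(f"{m.name}: special file type")
        elif os.path.commonpath([root, target]) != root:
            problems.append(f"{m.name}: path escapes extraction directory")
    return problems


def safe_extract(fileobj, dest: str) -> list[str]:
    """Extract a tar.gz only if every member is a plain file or dir inside dest."""
    with tarfile.open(fileobj=fileobj, mode="r:gz") as tar:
        problems = unsafe_members(tar, dest)
        if problems:
            raise ValueError("refusing archive: " + "; ".join(problems))
        # Python 3.12+ (and security backports) also provide extraction filters.
        if hasattr(tarfile, "data_filter"):
            tar.extractall(dest, filter="data")
        else:
            tar.extractall(dest)
        return tar.getnames()


def build_sample(with_link: bool) -> io.BytesIO:
    """Constructed sample upload: one text file, optionally one symlink member."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        data = b"hello"
        info = tarfile.TarInfo("notes.txt")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
        if with_link:
            link = tarfile.TarInfo("paper.tex")
            link.type = tarfile.SYMTYPE
            link.linkname = "/placeholder/outside/file"  # constructed target
            tar.addfile(link)
    buf.seek(0)
    return buf
```

The check runs over every member before anything is written, so a rejected archive leaves the extraction directory untouched.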
Vulnerability Details
7.5 (high)
EPSS: 0.3%
Classification
Taxonomy References
Affected Vendors
Related Issues
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
CVE-2025-54868: LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-25185
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 85%