CVE-2025-55130

🗓️ 20 Jan 2026 20:41:55Reported by hackeroneType

cve🔗 web.nvd.nist.gov👁 58 Views🌐 WEB

CVE-2025-55130: Crafted relative symlinks bypass Node.js read/write restrictions.

Reporter	Title	Published	Views	Family All 248
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition	7 Apr 202607:08	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.17.0 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026	27 May 202609:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	7 Apr 202616:23	–	ibm
ATTACKERKB	CVE-2025-55130	20 Jan 202620:41	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2026-1402)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1403)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1404)	5 Feb 202600:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0045: nodejs:20 (ALINUX3-SA-2026:0045)	5 Mar 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : nodejs24 (ALSA-2026:1842)	10 Feb 202600:00	–	nessus
Tenable Nessus	AlmaLinux 10 : nodejs22 (ALSA-2026:1843)	10 Feb 202600:00	–	nessus

NVD

Vulners

Node

nodejs node.jsRange20.0.0–20.20.0-

nodejs node.jsRange22.0.0–22.22.0-

nodejs node.jsRange24.0.0–24.13.0-

nodejs node.jsRange25.0.0–25.3.0-

[
  {
    "defaultStatus": "unaffected",
    "vendor": "nodejs",
    "product": "node",
    "versions": [
      {
        "version": "20.19.6",
        "status": "affected",
        "lessThanOrEqual": "20.19.6",
        "versionType": "semver"
      },
      {
        "version": "22.21.1",
        "status": "affected",
        "lessThanOrEqual": "22.21.1",
        "versionType": "semver"
      },
      {
        "version": "24.12.0",
        "status": "affected",
        "lessThanOrEqual": "24.12.0",
        "versionType": "semver"
      },
      {
        "version": "25.2.1",
        "status": "affected",
        "lessThanOrEqual": "25.2.1",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
nodejs	www.nodejs.org/en/blog/vulnerability/december-2025-security-releases

Parameter	Position	Path	Description	CWE
TARGET_FILE	path	./pwn/a/b/c/d/e/f/link/../../../../../../<TARGET_FILE_PATH>	Symlink chain traversal payload to bypass Node.js permission sandbox and access TARGET_FILE outside allowed path	CWE-289
ALLOWED_PATH	path	./pwn/a/b/c/d/e/f/link/../../../../../../<TARGET_FILE_PATH>	Symlink chain traversal payload to bypass Node.js permission sandbox and access TARGET_FILE outside allowed path	CWE-289
CHAIN	path	./pwn/a/b/c/d/e/f/link/../../../../../../<TARGET_FILE_PATH>	Symlink chain traversal payload to bypass Node.js permission sandbox and access TARGET_FILE outside allowed path	CWE-289
payload	path	./pwn/a/b/c/d/e/f/link/../../../../../../<TARGET_FILE_PATH>	Symlink chain traversal payload to bypass Node.js permission sandbox and access TARGET_FILE outside allowed path	CWE-289
CHILD_TARGET	path	./pwn/a/b/c/d/e/f/link/../../../../../../<TARGET_FILE_PATH>	Symlink chain traversal payload to bypass Node.js permission sandbox and access TARGET_FILE outside allowed path	CWE-289

17 Jun 2026 09:41Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.19.1

CVSS 37.1

EPSS0.00489

SSVC

CWE-289