CVE-2025-64712
Published 2026-02-04
Priority: P2 61 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.62% (45.0th percentile)
The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partition_msg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. This issue has been patched in version 0.18.18.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| unstructured-io | unstructured | < 0.18.18 | 0.18.18 |
| unstructured | unstructured | < 0.18.18 | 0.18.18 |
| unstructured | unstructured | >= 0 < 0.18.18 | 0.18.18 |
GHSA
Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write
ghsa·2026-02-03
CVE-2025-64712 [CRITICAL] CWE-22 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write
A Path Traversal vulnerability in the `partition_msg` function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments.
## Impact
An attacker can craft a malicious .msg file with attachment filenames containing path traversal sequences (e.g.,
`../../../etc/cron.d/malicious`). When processed with `process_attachments=True`, the library writes the attachment to an
attacker-controlled path, potentially leading to:
- Arbitrary file overwrite
- Remote code execution (via overwriting configuration files, cron jobs, or Python packages)
- Data corruption
- Denial of service
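A defensive pattern for the attachment filenames described above, as an added example (not code from the unstructured project or its 0.18.18 patch). The helper names `safe_attachment_path` and `write_attachment`, the fallback name, and the sample filenames are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path, PureWindowsPath

# Constructed sample attachment names, including the advisory's example.
SAMPLE_NAMES = ["report.pdf", "../../../etc/cron.d/malicious", "..\\..\\evil.txt", "/etc/passwd", ".."]


def safe_attachment_path(base_dir, raw_name):
    """Map an untrusted attachment filename to a path that stays inside base_dir."""
    # PureWindowsPath treats both "/" and "\\" as separators, so .name drops
    # every directory component, drive letter and leading slash.
    leaf = PureWindowsPath(raw_name.replace("\x00", "")).name
    if leaf in ("", ".", ".."):
        leaf = "attachment.bin"  # hypothetical fallback name
    base = Path(base_dir).resolve()
    candidate = (base / leaf).resolve()
    # Defence in depth: re-check containment after symlinks are resolved.
    if os.path.commonpath([base, candidate]) != str(base):
        raise ValueError(f"attachment name escapes {base}: {raw_name!r}")
    return candidate


def write_attachment(base_dir, raw_name, data):
    """Write attachment bytes under base_dir only, never over an existing file."""
    target = safe_attachment_path(base_dir, raw_name)
    # Mode "xb" fails with FileExistsError instead of overwriting.
    with open(target, "xb") as fh:
        fh.write(data)
    return target


def demo():
    """Resolve each sample name against a throwaway directory; return the leaf names used."""
    with tempfile.TemporaryDirectory() as tmp:
        return [safe_attachment_path(tmp, name).name for name in SAMPLE_NAMES]


if __name__ == "__main__":
    for raw, leaf in zip(SAMPLE_NAMES, demo()):
        print(f"{raw!r:40} -> {leaf}")
```

Upgrading to 0.18.18 remains the fix for the library itself; a check like this applies to any code that writes attachments under names taken from the message.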
## Affected Functionality
The vulnerability affects the M
OSV
Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write
osv·2026-02-03
CVE-2025-64712 [CRITICAL] Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write
No detection rules found.
No public exploits indexed.
Published: 2026-02-04