PatchSiren

Codehaus Plexus CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Codehaus Plexus CVE published 2026-03-25

CVE-2025-67030

CVE-2025-67030 is a high-severity directory traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before version 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code. The vulnerability has a CVSS score of 8.8 and is classified as HIGH. The CVE was published on 2026-03-25T18:16:25.880Z and last modified on 2026-06-30T03:16:57.343Z.