CVE-2025-53887 | Directus up to 11.8.x OpenAPI /server/specs/oas information disclosure (GHSA-rmjh-cf9q-pv7q)
A vulnerability classified as problematic has been found in Directus up to 11.8.x. Affected is an unknown function of the file /server/specs/oas of the component OpenAPI. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2025-53887. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.