CVE-2025-69226 | aio-libs aiohttp up to 3.13.2 web.static path traversal (GHSA-54jq-c3m8-4m76 / EUVD-2026-1046)
A vulnerability was found in aio-libs aiohttp up to 3.13.2. It has been declared as critical. Affected by this issue is the function web.static. Executing a manipulation can lead to path traversal.
The identification of this vulnerability is CVE-2025-69226. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.