CVE-2025-26905

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik allows PHP Local File Inclusion. This issue affects Estatik: from n/a through 4.1.9. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt