
CVE-2025-63365: n/a

Published: Mon Dec 01 2025 (12/01/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the EPUB file processing component, specifically in the functionality responsible for extracting and handling EPUB archive contents.

AI-Powered Analysis

Last updated: 12/01/2025, 18:45:26 UTC

Technical Analysis

CVE-2025-63365 identifies a directory traversal vulnerability in SoftSea EPUB File Reader version 1.0.0.0. The vulnerability exists in the EPUB file processing component responsible for extracting and handling the contents of EPUB archives. EPUB files are essentially ZIP archives containing HTML, CSS, images, and other resources. The directory traversal flaw allows specially crafted EPUB files to include path traversal sequences (e.g., ../) in file names inside the archive. When the vulnerable reader extracts these files, it can write them outside the intended extraction directory, potentially overwriting critical system or user files. This can lead to unauthorized file creation or modification, which may be leveraged to execute arbitrary code, corrupt files, or disrupt system operations. Exploitation requires the victim to open a malicious EPUB file, so user interaction is necessary. No authentication is required to trigger the vulnerability. While no public exploits are currently known, the flaw is significant due to the common use of EPUB readers and the sensitive nature of file system access. The vulnerability was reserved on October 27, 2025, and published on December 1, 2025, but no patches or fixes are currently linked. The absence of a CVSS score means severity must be assessed based on impact and exploitability factors.
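Added example, not part of the original advisory and not SoftSea code: a pre-open check that lists the entries of an EPUB (a ZIP archive) and flags any name that would resolve outside the extraction directory. The function names classify, scan_epub and build_sample are hypothetical, and the sample archive is constructed in memory for the demonstration.

```python
import io
import ntpath
import posixpath
import zipfile


def classify(name):
    """Return a reason string if the entry name escapes the extraction root, else None."""
    if ntpath.splitdrive(name)[0]:
        return "drive or UNC prefix"            # e.g. C:\... or \\server\share\...
    unified = name.replace("\\", "/")           # Windows extractors accept both separators
    if unified.startswith("/"):
        return "absolute path"
    normalized = posixpath.normpath(unified)    # collapses a/../b, keeps leading ../
    if normalized == ".." or normalized.startswith("../"):
        return "escapes root via .."
    return None


def scan_epub(data):
    """Return [(entry_name, reason)] for unsafe entries; nothing is extracted."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reason = classify(info.filename)
            if reason:
                findings.append((info.filename, reason))
    return findings


def build_sample():
    """Constructed sample: three benign entries and two with traversal names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", "application/epub+zip")
        zf.writestr("OEBPS/chapter1.xhtml", "<html/>")
        zf.writestr("OEBPS/../images/cover.png", b"")      # stays inside the root
        zf.writestr("../../outside.txt", "x")
        zf.writestr("OEBPS\\..\\..\\outside2.txt", "x")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in scan_epub(build_sample()):
        print(f"UNSAFE {name!r}: {reason}")
```

The same classification can gate a mail or download filter, or run over an existing EPUB library before files are opened in an unpatched reader.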

Potential Impact

For European organizations, the impact of this vulnerability can be substantial, especially for those in publishing, education, and digital content distribution sectors that rely on EPUB readers. Successful exploitation could lead to unauthorized file overwrites or creation, potentially compromising system integrity and confidentiality. This could result in data loss, corruption of critical files, or even execution of malicious code if the attacker crafts payloads to overwrite executable files or configuration files. The requirement for user interaction (opening a malicious EPUB) somewhat limits mass exploitation but targeted attacks against employees or users are feasible. Organizations handling sensitive or regulated data could face compliance and reputational risks if this vulnerability is exploited. Additionally, the lack of patches increases exposure time, making proactive mitigation critical. The threat is heightened in environments where endpoint security is weak or where users frequently open EPUB files from untrusted sources.

Mitigation Recommendations

1. Monitor for and apply any official patches or updates from SoftSea as soon as they become available.
2. Until patches are released, restrict file system permissions for the EPUB reader application to limit its ability to write outside designated directories.
3. Employ application whitelisting and sandboxing techniques to contain the EPUB reader’s file operations.
4. Educate users to avoid opening EPUB files from untrusted or unknown sources.
5. Use endpoint detection and response (EDR) solutions to monitor for suspicious file extraction activities indicative of directory traversal exploitation.
6. Implement network-level controls to block delivery of malicious EPUB files via email or web downloads where possible.
7. Consider alternative EPUB readers with a stronger security track record if immediate patching is not feasible.
8. Conduct regular security audits and file integrity monitoring on systems running the vulnerable software to detect unauthorized changes.


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-10-27T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 692ddeb01fcc71981e874299

Added to database: 12/1/2025, 6:30:08 PM

Last enriched: 12/1/2025, 6:45:26 PM

Last updated: 12/1/2025, 7:40:52 PM
