📦 Convertx

ConvertX versions before 0.17.0 have a path traversal vulnerability in the /delete endpoint that allows attackers to delete arbitrary files on the server. This affects all self-hosted instances runnin...

CVE-2025-66449 is an arbitrary file write vulnerability in ConvertX, a self-hosted online file converter. Authenticated users can upload files with malicious names to overwrite system binaries, leadin...