A high-severity vulnerability (CVE-2025-27610) in Rack::Static allows Local File Inclusion by not properly sanitizing user-supplied paths, potentially exposing other files in the specified root directory. Recommended mitigations include updating to the latest version of Rack, removing usage of Rack::Static, or ensuring the root directory contains only publicly accessible files.
Sort: