Cybersecurity analysts have revealed three security vulnerabilities in the Rack Ruby web server interface that, if effectively exploited, may allow adversaries to acquire unauthorized access to files, introduce harmful data, and manipulate logs in specific scenarios.
The weaknesses, highlighted by the cybersecurity firm OPSWAT, are enumerated below –

CVE-2025-27610 (CVSS score: 7.5) – A directory traversal