CVE-2025-55130
Node.js Permissions Bypass Allows Arbitrary File Read Write.
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Node.js's permissions model allows attackers to bypass intended file access restrictions using crafted symbolic link paths, potentially leading to unauthorized reading or writing of sensitive files. This issue breaks isolation guarantees and could result in system compromise. There is uncertainty reg