The vulnerability is a path traversal flaw in the /v1/summarize daemon endpoint of the Summarize project. An authenticated caller can supply an absolute path or a traversal sequence in the slidesDir request parameter, which causes the service to write slide_*.png and slides.json files to any writable directory. The attacker can also later delete files matching the specified location through repeated extraction. This results in unauthorized data modification and potential loss of data integrity, and may allow an attacker to place arbitrary files that could be used for further compromise.

The affected vendor is steipete:summarize. Any installation of Summarize with a version prior to 0.15.1 is vulnerable. Detailed affected versions are implied as all releases before 0.15.1, as the patch was released in version 0.15.2.

The CVSS score of 7.1 indicates a high severity vulnerability. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting no currently known widespread exploitation. Attackers must be authenticated to the /v1/summarize endpoint, but once authenticated they can supply arbitrary path components, which gives them the ability to write and later delete files in any directory the service can reach. The lack of proper path sanitization is a classic missing authorization weakness (CWE-862).