diff --git a/src/main/java/org/myrobotlab/io/Zip.java b/src/main/java/org/myrobotlab/io/Zip.java
index c00666dc41..da96ce4ac6 100644
--- a/src/main/java/org/myrobotlab/io/Zip.java
+++ b/src/main/java/org/myrobotlab/io/Zip.java
@@ -229,12 +229,23 @@ static public void unzip(String zipFile, String newPath) throws ZipException, IO
     new File(newPath).mkdir();
     Enumeration<?> zipFileEntries = zip.entries();
 
+    File canonicalNewPath = new File(newPath).getCanonicalFile();
+
     // Process each entry
     while (zipFileEntries.hasMoreElements()) {
       // grab a zip file entry
       ZipEntry entry = (ZipEntry) zipFileEntries.nextElement();
       String currentEntry = entry.getName();
       File destFile = new File(newPath, currentEntry);
+        
+      // Canonicalize the destination file path
+      File canonicalDestFile = destFile.getCanonicalFile();
+
+      // Check if the canonical destination path starts with the canonical newPath
+      if (!canonicalDestFile.getPath().startsWith(canonicalNewPath.getPath())) {
+        throw new IOException("Attempt to write outside of the target directory: " + currentEntry);
+      }
+
       // destFile = new File(newPath, destFile.getName());
       File destinationParent = destFile.getParentFile();