diff --git a/core/src/main/java/audio/omgsoundboard/core/data/StorageRepositoryImpl.kt b/core/src/main/java/audio/omgsoundboard/core/data/StorageRepositoryImpl.kt
index b74f6f7..66998a9 100644
--- a/core/src/main/java/audio/omgsoundboard/core/data/StorageRepositoryImpl.kt
+++ b/core/src/main/java/audio/omgsoundboard/core/data/StorageRepositoryImpl.kt
@@ -84,6 +84,11 @@ class StorageRepositoryImpl @Inject constructor(
 entry.name.endsWith(".mp3") -> {
 val extractedFile = File(privateFolder, entry.name)
+ val normalizedPath = extractedFile.toPath().normalize()
+ val targetDirPath = privateFolder.toPath().normalize()
+ if (!normalizedPath.startsWith(targetDirPath)) {
+ throw IllegalArgumentException("Bad zip entry: ${entry.name}")
+ }
 FileOutputStream(extractedFile).use { output ->
 zipIn.copyTo(output)
 }
@@ -204,4 +209,4 @@ class StorageRepositoryImpl @Inject constructor(
 }
 soundsDao.insertSounds(restoredSounds)
 }
-}
\ No newline at end of file
+}
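Review bot: The containment check in the `.mp3` branch relies on `File.toPath()`, which Android provides only from API 26, so if the module's minSdk is lower (not visible in this diff) the restore would fail on older devices before the guard is ever evaluated. A canonical-path comparison works on every API level and also resolves symlinks, which the purely lexical `normalize()` does not: `val target = extractedFile.canonicalFile` followed by `if (!target.path.startsWith(privateFolder.canonicalPath + File.separator)) throw IllegalArgumentException("Bad zip entry: ${entry.name}")`. The other branches of the enclosing `when` lie outside the hunk; if any of them also builds a `File` from `entry.name`, it needs the same guard, ideally applied once before the `when`. Since the exception is thrown mid-archive, files extracted from earlier entries stay on disk, so the caller should treat the restore as failed rather than partially applied.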