diff --git a/common/src/main/java/haveno/common/persistence/PersistenceManager.java b/common/src/main/java/haveno/common/persistence/PersistenceManager.java
index b9d38bd82f..0b7a891d6d 100644
--- a/common/src/main/java/haveno/common/persistence/PersistenceManager.java
+++ b/common/src/main/java/haveno/common/persistence/PersistenceManager.java
@@ -502,7 +502,7 @@ public class PersistenceManager {
 tempFile = usedTempFilePath != null
 ? FileUtil.createNewFile(usedTempFilePath)
- : File.createTempFile("temp_" + fileName, null, dir);
+ : Files.createTempFile(dir.toPath(), "temp_" + fileName, null).toFile();
 // Don't use a new temp file path each time, as that causes the delete-on-exit hook to leak memory:
 tempFile.deleteOnExit();
diff --git a/common/src/main/java/haveno/common/util/ZipUtils.java b/common/src/main/java/haveno/common/util/ZipUtils.java
index f5a32b69d9..5e7791543a 100644
--- a/common/src/main/java/haveno/common/util/ZipUtils.java
+++ b/common/src/main/java/haveno/common/util/ZipUtils.java
@@ -104,6 +104,10 @@ public class ZipUtils {
 int count;
 while ((entry = zipStream.getNextEntry()) != null) {
 File file = new File(dir, entry.getName());
+ if (!file.toPath().normalize().startsWith(dir.toPath())) {
+ throw new SecurityException("ZIP entry contains path traversal attempt: " + entry.getName());
+ }
+
 if (entry.isDirectory()) {
 file.mkdirs();
 } else {
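Review bot: The owner-only permissions that motivate switching to `Files.createTempFile` on the `+` line apply only where the file system supports POSIX permissions; on Windows the file still inherits the directory's default ACL, and the `usedTempFilePath` branch just above keeps creating the reused temp file through `FileUtil.createNewFile`, whose permissions this hunk does not show. The intent should be recorded at the call so a later cleanup does not revert it, e.g. `// Files.createTempFile creates the file with owner-only permissions where the file system supports them; File.createTempFile does not.` If `java.nio.file.Files` is not already imported in this file, that import change is not in this chunk. The enclosing method starts and ends outside the hunk.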
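Review bot: The traversal check on the first `+` line normalizes `file` but not `dir`, so whenever `dir` itself contains `.` or `..` segments the normalized target no longer starts with the raw base and every entry is rejected, and a relative `dir` compared against a normalized child is fragile in the same way. Hoist one canonical base before the `while` and compare normalized against normalized: `Path base = dir.toPath().toAbsolutePath().normalize();` and `if (!file.toPath().toAbsolutePath().normalize().startsWith(base)) {` (with `java.nio.file.Path` in scope). The check is otherwise well placed, since it runs before `mkdirs()` and before any bytes are written, and `Path.startsWith` compares whole name elements so a sibling directory sharing a name prefix is not mistaken for the base. The enclosing method starts and ends outside the hunk.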