diff --git a/src/main/java/emu/grasscutter/server/http/handlers/AnnouncementsHandler.java b/src/main/java/emu/grasscutter/server/http/handlers/AnnouncementsHandler.java index 2c24b7407..f3fa4f033 100644 --- a/src/main/java/emu/grasscutter/server/http/handlers/AnnouncementsHandler.java +++ b/src/main/java/emu/grasscutter/server/http/handlers/AnnouncementsHandler.java @@ -14,6 +14,7 @@ import static emu.grasscutter.config.Configuration.*; import java.io.IOException; import java.io.InputStream; import java.util.Objects; +import java.util.StringJoiner; /** * Handles requests related to the announcements page. @@ -72,7 +73,17 @@ public final class AnnouncementsHandler implements Router { } private static void getPageResources(Context ctx) { - try (InputStream filestream = DataLoader.load(ctx.path())) { + // Re-process the path - remove the first slash and prevent directory traversal + // (the first slash will act as root path when resolving local path) + String[] path = ctx.path().split("/"); + StringJoiner stringJoiner = new StringJoiner("/"); + for (String pathName : path) { + // Filter the illegal payload to prevent directory traversal + if (!pathName.isEmpty() && !pathName.equals("..") && !pathName.contains("\\")) { + stringJoiner.add(pathName); + } + } + try (InputStream filestream = DataLoader.load(stringJoiner.toString())) { String possibleFilename = ctx.path(); ContentType fromExtension = ContentType.getContentTypeByExtension(possibleFilename.substring(possibleFilename.lastIndexOf(".") + 1));
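Review bot: The new loop in getPageResources drops empty, `..` and backslash-bearing segments and then loads whatever remains, so a request carrying a traversal segment is silently rewritten to a different resource instead of being refused. I would reject the request on the first such segment, as in the fence below, which also gives one obvious place to log the attempt. A deny-list of two patterns is only as strong as the resolver behind it, and `DataLoader.load` is outside this hunk, so please confirm that it resolves against the data root and verifies that the normalized result still starts with that root. Separately, `possibleFilename` is still read from the raw `ctx.path()` rather than the filtered path, and the body of getPageResources continues past the end of the hunk.

```java
private static void getPageResources(Context ctx) {
    StringJoiner stringJoiner = new StringJoiner("/");
    for (String pathName : ctx.path().split("/")) {
        if (pathName.isEmpty()) {
            continue; // leading or doubled slash
        }
        // Refuse the request instead of loading a rewritten path.
        if (pathName.equals("..") || pathName.contains("\\")) {
            ctx.status(404); // or whatever the existing not-found branch returns
            return;
        }
        stringJoiner.add(pathName);
    }
    // … unchanged: try (DataLoader.load(stringJoiner.toString())) and content-type handling …
```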