CVE-2025-66214 | wearefrank ladybug prior 3.0-20251107.114628 XML File Parser /iaf/ladybug/api/report/ deserialization (GHSA-f9fh-r3cv-398f)

Inserito da Angelo Barbosa | Dic 10, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in wearefrank ladybug. Affected by this vulnerability is an unknown functionality of the file /iaf/ladybug/api/report/ of the component XML File Parser. Performing manipulation results in deserialization.

This vulnerability is identified as CVE-2025-66214. The attack is only possible with local access. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2025-66214 | wearefrank ladybug prior 3.0-20251107.114628 XML File Parser /iaf/ladybug/api/report/ deserialization (GHSA-f9fh-r3cv-398f)

Post correlati

CVE-2025-34206 | Vasion Print Virtual Appliance Host/Print Application /var/www/efs_storage permission assignment

CVE-2024-20434 | Cisco IOS XE up to 17.14.1 on Catalyst 9000 integer overflow (cisco-sa-vlan-dos-27Pur5RT)

CVE-2025-13168 | ury-erp ury up to 0.2.0 pos_extend.py overrided_past_order_list search_term sql injection

CVE-2025-23606 | Calendi Plugin up to 1.1.1 on WordPress cross site scripting