A vulnerability marked as critical has been reported in Esri ArcGIS Server up to 11.4 on Windows/Linux. This impacts an unknown function. Performing manipulation results in unrestricted upload.
This vulnerability is known as CVE-2025-67706. Remote exploitation of the attack is possible. No exploit is available.
