CVE-2025-63705 | node-ts-ocr 1.0.15 src/index.js invokeImageOcr os command injection

Inserito da Angelo Barbosa | Mag 7, 2026 | CVE

A vulnerability marked as critical has been reported in node-ts-ocr 1.0.15. Impacted is the function invokeImageOcr of the file src/index.js. The manipulation leads to os command injection.

This vulnerability is listed as CVE-2025-63705. The attack may be initiated remotely. There is no available exploit.

CVE-2025-63705 | node-ts-ocr 1.0.15 src/index.js invokeImageOcr os command injection

Post correlati

CVE-2024-30132 | HCL Nomad Server on Domino 1.0.12 HTTP Security Header information disclosure (KB0116298)

CVE-2023-50264 | morpheus65535 bazarr up to 1.3.0 /system/backup/download/ send_file filename path traversal (GHSL-2023-192)

CVE-2024-49898 | Linux Kernel up to 6.10.13/6.11.2 AMD Display drr_timing initialization (3fc70ae048fe/115b1a3b0944/367cd9ceba19)

CVE-2025-59798 | Artifex Ghostscript up to 10.05.1 gdevpdtw.c pdf_write_cmap stack-based overflow