CVE-2025-7626 | YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd /onlinePreview url path traversal (Issue 13)

A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this vulnerability is the function onlinePreview of the file /onlinePreview. The manipulation of the argument url leads to path traversal.

This vulnerability is known as CVE-2025-7626. The attack can be launched remotely. Furthermore, there is an exploit available.

This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVE-2025-7626 | YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd /onlinePreview url path traversal (Issue 13)

Post correlati

CVE-2025-44557 | Cypress PSoC4 3.66 Bluetooth Low Energy Stack improper authentication

CVE-2024-26149 | Vyper up to 0.3.10 _abi_decode memory corruption (GHSA-9p8r-4xp4-gw5w)

CVE-2024-28729 | D-Link DWR 2000M 5G CPE Request Local Privilege Escalation

CVE-2024-23749 | KiTTY up to 0.76.1.13 filename command injection (ID 177031)