Skip to main content

Pega Customer Service Framework CVE-2025-62182

Unrestricted Upload of File with Dangerous Type (CWE-434)
2026-01-13 security@pega.com

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 13, 2026 - 17:15 nvd
N/A

DescriptionCVE.org

Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.

AnalysisAI

Pega Customer Service Framework versions 8.7.0 versions up to 25.1.0 is affected by unrestricted upload of file with dangerous type.

Technical ContextAI

This vulnerability (CWE-434: Unrestricted Upload of File with Dangerous Type) affects Pega Customer Service Framework versions 8.7.0. Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.

Affected ProductsAI

Product: Pega Customer Service Framework versions 8.7.0. Versions: up to 25.1.0.

RemediationAI

Monitor vendor advisories for a patch. Validate file types by content. Store uploads outside web root.

Share

CVE-2025-62182 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy