What is the CVSS score of CVE-2026-25925?

CVE-2026-25925 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Windows are affected by CVE-2026-25925?

PowerDocu versions prior to 2.4.0 contain a critical vulnerability that allows attackers to exploit JSON file parsing in Flow and App packages, potentially leading to unauthorized access or system…

Is there a public PoC exploit available for CVE-2026-25925?

Yes, a public proof-of-concept exploit is available for CVE-2026-25925. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-25925?

Within 24 hours: Identify all systems running PowerDocu versions prior to 2.4.0 and isolate them from production environments if feasible. Within 7 days: Restrict PowerDocu access to trusted users only, disable JSON import features if possible, and monitor for suspicious Flow/App package submissions. Within 30 days: Upgrade to PowerDocu 2.4.0 or later once patches are released, or migrate to alternative documentation solutions if upgrade timeline is unclear.

Windows CVE-2026-25925

HIGH

Deserialization of Untrusted Data (CWE-502)

2026-02-09 security-advisories@github.com

Windows .NET Powerdocu

7.8

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

7.8 HIGH

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 28, 2026 - 00:13 vuln.today

Public exploit code

CVE Published

Feb 09, 2026 - 22:16 nvd

HIGH 7.8

DescriptionGitHub Advisory

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to instantiate arbitrary .NET objects and execute code. This vulnerability is fixed in 2.4.0.

AnalysisAI

PowerDocu versions prior to 2.4.0 allow arbitrary .NET object instantiation and code execution through unsafe deserialization of the $type property in JSON files within Flow or App packages. A local attacker with user interaction can exploit this vulnerability to achieve full system compromise. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft malicious JSON file with arbitrary $type property

Delivery

User opens Flow/App package in PowerDocu

Exploit

Application deserializes untrusted JSON

Execution

Arbitrary .NET object instantiation

Impact

Remote code execution

Access

Craft malicious JSON file with arbitrary $type property

Delivery

User opens Flow/App package in PowerDocu

Exploit

Application deserializes untrusted JSON

Execution

Arbitrary .NET object instantiation

Impact

Remote code execution

Vulnerability AssessmentAI

Exploitation	PowerDocu versions prior to 2.4.0 processing Flow or App packages containing JSON files with malicious $type properties. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 7.8 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker could exploit this vulnerability to compromise the affected system.
Remediation	Fixed in version 2.4.0.. Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running PowerDocu versions prior to 2.4.0 and isolate them from production environments if feasible. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-25925 vulnerability details – vuln.today

Back

Windows CVE-2026-25925

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code