Pdfpatcher

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-63918 MEDIUM POC This Month

PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to arbitrary locations. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Pdfpatcher
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2025-63917 HIGH POC This Month

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Denial Of Service Information Disclosure SSRF Pdfpatcher
NVD GitHub
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-63918
EPSS 0% CVSS 6.2
MEDIUM POC This Month

PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to arbitrary locations. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Pdfpatcher
NVD GitHub
CVE-2025-63917
EPSS 0% CVSS 7.1
HIGH POC This Month

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Denial Of Service Information Disclosure +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy