Powerdocu

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-25925 HIGH POC This Week

PowerDocu versions prior to 2.4.0 allow arbitrary .NET object instantiation and code execution through unsafe deserialization of the $type property in JSON files within Flow or App packages. A local attacker with user interaction can exploit this vulnerability to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available for affected versions.

Windows Dotnet Powerdocu

NVD GitHub

CVSS 3.1

7.8

EPSS

0.0%

CVE-2026-25925

EPSS 0% CVSS 7.8

HIGH POC This Week

PowerDocu versions prior to 2.4.0 allow arbitrary .NET object instantiation and code execution through unsafe deserialization of the $type property in JSON files within Flow or App packages. A local attacker with user interaction can exploit this vulnerability to achieve full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available for affected versions.

Windows Dotnet Powerdocu

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy