Visicut
1 CVEs
product
Monthly
VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Deserialization
Visicut
NVD
GitHub
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-43708
EPSS 0%
CVSS 3.3
LOW
POC
Monitor
VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Deserialization
Visicut
NVD
GitHub