Critical Alert 2 Active Exploits Detected Today

CVE-2026-42271 BerriAI LiteLLM Command Injection Vulnerability →
CVE-2026-50751 Check Point Security Gateway Improper Authentication Vulnerability →
Powered by CVE Watchtower
×

Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →
Powered by CVE WATCHTOWER
×
June 9, 2026

CVE Watchtower


← Back to CVE List

CVE-2025-0520NVD

Vulnerability Summary

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.
Severity Level
CRITICAL(9.4)
Published Date
Apr 29, 2025
Last Modified
May 2, 2025
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
CWE-434: Unrestricted File Upload β†—
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVSS v4.0 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone

External References