Vulnerability intelligence

CVE-2025-0520 describes an unrestricted file upload vulnerability found in ShowDoc, an open-source documentation tool. This flaw stems from inadequate validation of file extensions during the upload process. The vulnerability, categorized under CWE-434 (Unrestricted Upload of File with Dangerous Type), allows an attacker to upload and execute arbitrary PHP files on the server. This can lead to remote code execution (RCE) on the affected system. ShowDoc versions prior to 2.8.7 are impacted by this issue.

CVE-2025-59528 identifies a remote code execution (RCE) vulnerability in Flowise, a drag-and-drop user interface for building large language model flows. Specifically, versions 3.0.5, and those ranging from 2.2.7-patch.1 to earlier than 3.0.6, are affected. The flaw resides within the `CustomMCP` node, which processes user-provided configuration settings for external MCP servers. The vulnerability occurs because the `convertToValidJSONString` function, used to parse the `mcpServerConfig` string, directly passes user input to JavaScript's `Function()` constructor without adequate security validation. This allows the input to be executed as JavaScript code with full Node.js runtime privileges, enabling attackers to execute arbitrary code on the server. This issue has been addressed in Flowise version 3.0.6.

CVE-2025-58434 is a vulnerability found in Flowise, a drag-and-drop user interface for building customized large language model flows. Specifically, versions 3.0.5 and earlier are affected. The vulnerability lies in the `/api/v1/account/forgot-password` endpoint, where a valid password reset `tempToken` is returned without authentication or verification. This allows an attacker to generate a reset token for any user by simply providing their email address. The attacker can then use this token to reset the user's password, leading to a complete account takeover. This vulnerability affects both the cloud service (`cloud.flowiseai.com`) and self-hosted/local Flowise deployments that expose the same API.

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.

CVE-2026-34621 is a 'Prototype Pollution' vulnerability affecting Adobe Acrobat Reader versions 24.001.30356, 26.001.21367, and earlier, including Acrobat DC and Acrobat 2024. This flaw, categorized as an Improperly Controlled Modification of Object Prototype Attributes, could enable arbitrary code execution within the context of the current user. Successful exploitation of this vulnerability can lead to unauthorized access to sensitive data, unauthorized data modifications, and disruption of system operations. Exploitation of CVE-2026-34621 requires user interaction, specifically that a victim opens a malicious file. Reports indicate that this vulnerability has been actively exploited in the wild since at least December 2025, with some sources noting that no user interaction beyond simply opening a malicious PDF document is necessary for an attack to succeed. Adobe has released emergency updates to address this issue.

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.