- Description: LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch.
- Source: security-advisories@github.com
- NVD status: Awaiting Analysis

CVSS 3.1
- Type: Secondary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- security-advisories@github.com: CWE-1336
- Hype score: Not currently trending
[HIGH] CVE-2025-53833: Critical Vulnerability in Server Software Critical flaw with CVSS 10.0; exploits available; patches released. CVE: CVE-2025-53833 • APT: N/A • Status: EXPLOITED Unpatched servers are high-value targets for attack… https://t.co/0r0NszpWeq
@MysocAi | 25 Feb 2026 | 0 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
[CRITICAL] CVE-2025-53833: Critical Vulnerability with Public Exploits CVE-2025-53833 has a CVSS score of 10.0; exploits available; patch released. CVE: CVE-2025-53833 • APT: N/A • Status: ACTIVE High risk due to critical severity and … https://t.co/0r0NszpWeq
@MysocAi | 25 Feb 2026 | 1 Impression | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
[CRITICAL] CVE-2025-53833: Critical Vulnerability in Wwbn AVideo CVE-2025-53833 allows arbitrary command execution on Wwbn AVideo servers. CVE: CVE-2025-53833 • APT: Unknown • Status: ACTIVE Enables remote code execution, posing severe… https://t.co/0r0NszpWeq
@MysocAi | 25 Feb 2026 | 0 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
Upcoming CVE & Bug Bounty POC Breakdowns I’ve been working on detailed breakdowns of some new vulnerabilities: CVE-2025-0133 : XSS CVE-2025-53833 : SSTI CVE-2025-30208 : Local File Inclusion All videos will premiere soon on YouTube. 🔗 Watch here: https://t.co/7Rb8lWD
@h4x0r_fr34k | 11 Sept 2025 | 678 Impressions | 2 Retweets | 10 Likes | 2 Bookmarks | 0 Replies | 0 Quotes
Upcoming CVE & Bug Bounty POC Breakdowns I’ve been working on detailed breakdowns of some new vulnerabilities: CVE-2025-0133 : XSS (Citrix Logout XSS) CVE-2025-53833 : SSTI CVE-2025-30208 : Local File Inclusion All videos will premiere soon on YouTube. 🔗 Watch here: h
@h4x0r_fr34k | 11 Sept 2025 | 7 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
#VulnerabilityReport #CVE202553833 CVE-2025-53833 (CVSS 10): Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps https://t.co/rBMZtVk79r
@Komodosec | 21 Aug 2025 | 3 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
🚨 From Cloudflare Security Research Analysts 🚨 Fresh CVEs patched for Cloudflare WAF customers: 🔐 Sitecore (CVE-2025-34509/10/11): RCE via hardcoded creds + file upload 🧪 Grafana (CVE-2025-4123): XSS → malicious redirect ⚙️ LaRecipe (CVE-2025-53833): SSTI
@Cloudflare | 5 Aug 2025 | 7907 Impressions | 16 Retweets | 61 Likes | 12 Bookmarks | 2 Replies | 0 Quotes
🚨 CVE-2025-53833 - critical 🚨 LaRecipe < 2.8.1 Remote Code Execution via SSTI > LaRecipe is an application that allows users to create documentation with Markdown in... 👾 https://t.co/cjchsIgAHX @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot | 16 Jul 2025 | 29 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
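#CVE-2025-53833 A fairly straightforward vulnerability; it can be reproduced quickly using the official demo directly, steps in figure 1. I worked with Grok to put together a vulnerability analysis report, see figure 2. As an aside, I couldn't make sense of 360's reproduction. https://t.co/biFhpnNPKe https://t.co/qvKlu815wF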
@_r00tuser | 16 Jul 2025 | 1952 Impressions | 8 Retweets | 28 Likes | 13 Bookmarks | 2 Replies | 0 Quotes
Standout vuln: LaRecipe hit with a CVSS 10 SSTI (CVE-2025-53833). Critical for dev teams—patch ASAP! Full rundown in today’s brief: https://t.co/Ykh4Hv37ol #CVE #infosec #cybersecurity
@BriefCve27259 | 15 Jul 2025 | 4 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
Could YOUR server be hacked today? 🚨🚨CVE-2025-53833 (CVSS: 10) reveals a critical Server-Side Template Injection (SSTI) in LaRecipe, allowing RCE! Attackers can run any command, steal sensitive data, or take over servers. Search by vul.cve Filter👉vul.cve="CVE-2025-538
@zoomeye_team | 15 Jul 2025 | 2043 Impressions | 9 Retweets | 22 Likes | 16 Bookmarks | 0 Replies | 0 Quotes
Today's CVE Brief: 74 new vulns in 24hrs 12 CISA KEV—review & patch ASAP CVSS 10: LaRecipe SSTI (CVE-2025-53833) Critical LB-LINK router & Hgiga RCE flaws 80+ analyst insights More: https://t.co/Ykh4Hv37ol #CVE #infosec #cybersecurity
@BriefCve27259 | 15 Jul 2025 | 32 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes
⚠️⚠️ CVE-2025-53833(CVSS 10)Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps 🎯4.5m+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link: https://t.co/0mNG7zEb1P FOFA Query:app="Laravel-Framework" 🔖Refer:https://t.co/xUdOn
@fofabot | 15 Jul 2025 | 8728 Impressions | 34 Retweets | 113 Likes | 53 Bookmarks | 1 Reply | 1 Quote
🚨Alert🚨 CVE-2025-53833 (CVSS 10): Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps 📊8.8M Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/4rxrUNGeBY 👇Query HUNTER : https://t.co/q9rtuGfZuz="Laravel" https://t.co/q
@HunterMapping | 15 Jul 2025 | 3012 Impressions | 13 Retweets | 38 Likes | 19 Bookmarks | 0 Replies | 0 Quotes
CVE-2025-53833 LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Templat… https://t.co/ipNf7ahs8i
@CVEnew | 14 Jul 2025 | 552 Impressions | 0 Retweets | 0 Likes | 0 Bookmarks | 0 Replies | 0 Quotes