CVE-2025-44044

High CVSS: 7.5

Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML and/or DTD files can exfiltrate some files from the underlying operating system.

Vendor

Product

CWE

CWE-611

Yayın Tarihi

2025-06-10 16:15:40

Güncelleme

2025-06-12 16:06:39

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-611 HIGH 2025

Referanslar

https://keyoti.com/products/search/dotNetWeb/HtmlHelp9/?topic=UserGuide/Release%20Notes.htm https://www.sprocketsecurity.com/blog/cve-alert-cve-2025-44043-cve-2025-44044-the-search-bar-hacks-arent-dead-yet