CVE-2026-25925 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it…
High CVSS: 7.8

CVE-2026-25925

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to instantiate arbitrary .NET objects and execute code. This vulnerability is fixed in 2.4.0.
Vendor
Modery
Product
Powerdocu
CWE
CWE-502
Yayın Tarihi
2026-02-09 22:16:04
Güncelleme
2026-02-28 00:13:57
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-502 Powerdocu HIGH Modery 2026

Referanslar

https://github.com/modery/PowerDocu/releases/tag/v-2.4.0 https://github.com/modery/PowerDocu/security/advisories/GHSA-m8j2-5jr7-2jpw