9 matches found
CVE-2026-25925
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...
CVE-2026-25925
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...
CVE-2026-25925 PowerDocu Affected by Remote Code Execution via Insecure Deserialization
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...
CVE-2026-25925 PowerDocu Affected by Remote Code Execution via Insecure Deserialization
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...
CVE-2026-25925
PowerDocu (Windows GUI) is vulnerable before version 2.4.0 due to JSON deserialization in Flow/App packages. The app blindly trusts the $type property, allowing an attacker to instantiate arbitrary .NET objects and execute code. This yields high-severity, local, with user interaction required. Fi...
CVE-2026-25925 PowerDocu Affected by Remote Code Execution via Insecure Deserialization
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...
CVE-2026-25925
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to...
PowerDocu 代码问题漏洞
PowerDocu is a canvas generation software developed by Rene Modery. Versions of PowerDocu prior to 2.4.0 had code vulnerabilities. These vulnerabilities stemmed from blindly trusting the $type attribute during the parsing of JSON files, which could lead to code execution...
PT-2026-7179
Name of the Vulnerable Software and Affected Versions PowerDocu versions prior to 2.4.0 Description PowerDocu, a Windows GUI executable for technical documentation, has a security issue in its JSON parsing process within Flow or App packages. The application incorrectly trusts the $type property ...