CVE-2025-67397

Publication date

2026-01-05 00:00:00

Family

mitre

State

PUBLISHED

Description

An issue in Passy v.1.6.3 allows a remote authenticated attacker to execute arbitrary commands via a crafted HTTP request using a specific payload injection.