CVE-2025-55383HIGH 8.6EPSS p17.7%

CVE-2025-55383CVE-2025-55383

Description

Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server.

Scoring

CVSS 3.18.6 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
EPSS0.27% probability of exploitation · percentile 17.7% · 2026-06-18T12:00:27Z
Published2025-08-21
Last modified2026-04-15

Underlying weaknesses· 1

CWE-434

References

  1. https://github.com/deep-project/moss/issues/16

1

TypeTargetConfidenceTier
WeaknessUnrestricted Upload of File with Dangerous Typecwe-4340%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-41735
CVE
CVE-2025-3115
CVE
CVE-2025-54693
CVE
CVE-2025-61506
CVE
CVE-2026-21628
CVE
CVE-2025-30510
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.