CVE-2025-55454HIGH 8.8EPSS p44.5%

CVE-2025-55454CVE-2025-55454

Description

An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrary code via uploading a crafted file.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.61% probability of exploitation · percentile 44.5% · 2026-06-18T12:00:27Z
Published2025-08-22
Last modified2025-09-12

Underlying weaknesses· 1

CWE-434

References

  1. https://www.notion.so/Dootask-Arbitrary-file-upload-vulnerability-2162818a9e118053a586cf4bc05fd1fa

1

TypeTargetConfidenceTier
WeaknessUnrestricted Upload of File with Dangerous Typecwe-4340%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-14532
CVE
CVE-2025-59818
CVE
CVE-2025-41735
CVE
CVE-2025-55835
CVE
CVE-2026-2701
CVE
CVE-2025-55061
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.