CVE-2025-66955EPSS p22.2%

CVE-2025-66955CVE-2025-66955

asseco / live

Description

Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.

Scoring

CVSS 6.5 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS0.31% probability of exploitation · percentile 22.2% · 2026-06-19T12:03:05Z
Last modified2026-06-02

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-66956
CVE
CVE-2026-2743
CVE
CVE-2026-29205
CVE
CVE-2025-2305
CVE
CVE-2025-3365
CVE
CVE-2025-57790
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.